sunxacml-commit Mailing List for Sun's XACML Implementation (Page 3)
Brought to you by:
farrukh_najmi,
sethp
Menu
▾
▴
sunxacml-commit — Notifications of cvs commits appear on this list
You can subscribe to this list here.
| 2003 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(3) |
Jun
(3) |
Jul
(6) |
Aug
(37) |
Sep
(5) |
Oct
(6) |
Nov
(1) |
Dec
(3) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2004 |
Jan
(3) |
Feb
(11) |
Mar
(26) |
Apr
(5) |
May
(27) |
Jun
(13) |
Jul
(7) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(2) |
| 2005 |
Jan
(12) |
Feb
(5) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(8) |
| 2006 |
Jan
(10) |
Feb
(6) |
Mar
|
Apr
(3) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(2) |
Dec
|
| 2008 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(2) |
Nov
|
Dec
(1) |
| 2009 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(6) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Seth P. <se...@us...> - 2005-01-07 23:49:43
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv17448/com/sun/xacml Modified Files: Rule.java Log Message: introduced support for variable referencing and definition, one of the major new features in XACML 2.0 Index: Rule.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/Rule.java,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** Rule.java 23 Mar 2004 23:38:51 -0000 1.6 --- Rule.java 7 Jan 2005 23:49:31 -0000 1.7 *************** *** 41,44 **** --- 41,45 ---- import com.sun.xacml.cond.Apply; import com.sun.xacml.cond.EvaluationResult; + import com.sun.xacml.cond.VariableManager; import com.sun.xacml.ctx.Result; *************** *** 108,115 **** * functions, or null if this is unspecified (ie, not * supplied in the defaults section of the policy) * * @throws ParsingException if the RuleType is invalid */ ! public static Rule getInstance(Node root, String xpathVersion) throws ParsingException { --- 109,120 ---- * functions, or null if this is unspecified (ie, not * supplied in the defaults section of the policy) + * @param manager the <code>VariableManager</code> used to connect + * <code>VariableReference</code>s to their cooresponding + * <code>VariableDefinition<code>s * * @throws ParsingException if the RuleType is invalid */ ! public static Rule getInstance(Node root, String xpathVersion, ! VariableManager manager) throws ParsingException { *************** *** 152,156 **** target = Target.getInstance(child, xpathVersion); } else if (cname.equals("Condition")) { ! condition = Apply.getConditionInstance(child, xpathVersion); } } --- 157,162 ---- target = Target.getInstance(child, xpathVersion); } else if (cname.equals("Condition")) { ! condition = Apply.getConditionInstance(child, xpathVersion, ! manager); } } |
|
From: Seth P. <se...@us...> - 2005-01-07 23:49:43
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/attr In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv17448/com/sun/xacml/attr Modified Files: AttributeDesignator.java AttributeSelector.java AttributeValue.java Log Message: introduced support for variable referencing and definition, one of the major new features in XACML 2.0 Index: AttributeDesignator.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/attr/AttributeDesignator.java,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** AttributeDesignator.java 4 Jun 2004 17:50:39 -0000 1.7 --- AttributeDesignator.java 7 Jan 2005 23:49:31 -0000 1.8 *************** *** 3,7 **** * @(#)AttributeDesignator.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)AttributeDesignator.java * ! * Copyright 2003-2005 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 260,263 **** --- 260,272 ---- /** + * Returns true since this expression is evaluatable. + * + * @return true + */ + public boolean isEvaluatable() { + return true; + } + + /** * Returns the type of this designator as specified by the *_TARGET * fields. Index: AttributeValue.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/attr/AttributeValue.java,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** AttributeValue.java 14 May 2004 20:43:07 -0000 1.6 --- AttributeValue.java 7 Jan 2005 23:49:31 -0000 1.7 *************** *** 3,7 **** * @(#)AttributeValue.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)AttributeValue.java * ! * Copyright 2003-2005 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 80,83 **** --- 80,92 ---- /** + * Returns true since this expression is evaluatable. + * + * @return true + */ + public boolean isEvaluatable() { + return true; + } + + /** * Returns the type of this attribute value. By default this always * returns the type passed to the constructor. Index: AttributeSelector.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/attr/AttributeSelector.java,v retrieving revision 1.10 retrieving revision 1.11 diff -C2 -d -r1.10 -r1.11 *** AttributeSelector.java 4 Jun 2004 17:50:39 -0000 1.10 --- AttributeSelector.java 7 Jan 2005 23:49:31 -0000 1.11 *************** *** 3,7 **** * @(#)AttributeSelector.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)AttributeSelector.java * ! * Copyright 2003-2005 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 210,213 **** --- 210,222 ---- /** + * Returns true since this expression is evaluatable. + * + * @return true + */ + public boolean isEvaluatable() { + return true; + } + + /** * Returns the data type of the attribute values that this selector * will resolve |
|
From: Seth P. <se...@us...> - 2005-01-07 23:47:54
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/finder In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv17065/com/sun/xacml/finder Modified Files: PolicyFinder.java PolicyFinderModule.java Log Message: added support for policy versioning, a new feature of XACML 2.0 Index: PolicyFinder.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/finder/PolicyFinder.java,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** PolicyFinder.java 4 Jun 2004 17:50:40 -0000 1.4 --- PolicyFinder.java 7 Jan 2005 23:47:43 -0000 1.5 *************** *** 3,7 **** * @(#)PolicyFinder.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)PolicyFinder.java * ! * Copyright 2003-2005 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 39,42 **** --- 39,43 ---- import com.sun.xacml.EvaluationCtx; import com.sun.xacml.PolicyReference; + import com.sun.xacml.VersionConstraints; import com.sun.xacml.ctx.Status; *************** *** 130,134 **** /** ! * */ public void init() { --- 131,135 ---- /** ! * Initializes all modules in this finder. */ public void init() { *************** *** 211,214 **** --- 212,217 ---- * @param type type of reference (policy or policySet) as identified by * the fields in <code>PolicyReference</code> + * @param constraints any optional constraints on the version of the + * referenced policy * * @return the result of trying to find an applicable policy *************** *** 216,220 **** * @throws IllegalArgumentException if <code>type</code> is invalid */ ! public PolicyFinderResult findPolicy(URI idReference, int type) throws IllegalArgumentException { --- 219,224 ---- * @throws IllegalArgumentException if <code>type</code> is invalid */ ! public PolicyFinderResult findPolicy(URI idReference, int type, ! VersionConstraints constraints) throws IllegalArgumentException { *************** *** 229,234 **** while (it.hasNext()) { PolicyFinderModule module = (PolicyFinderModule)(it.next()); ! PolicyFinderResult newResult = module.findPolicy(idReference, ! type); // if there was an error, we stop right away --- 233,238 ---- while (it.hasNext()) { PolicyFinderModule module = (PolicyFinderModule)(it.next()); ! PolicyFinderResult newResult = ! module.findPolicy(idReference, type, constraints); // if there was an error, we stop right away Index: PolicyFinderModule.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/finder/PolicyFinderModule.java,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** PolicyFinderModule.java 17 May 2004 20:34:37 -0000 1.3 --- PolicyFinderModule.java 7 Jan 2005 23:47:43 -0000 1.4 *************** *** 3,7 **** * @(#)PolicyFinderModule.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)PolicyFinderModule.java * ! * Copyright 2003-2005 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 38,41 **** --- 38,42 ---- import com.sun.xacml.EvaluationCtx; + import com.sun.xacml.VersionConstraints; import java.net.URI; *************** *** 149,156 **** * @param type type of reference (policy or policySet) as identified by * the fields in <code>PolicyReference</code> * * @return the result of looking for a matching policy */ ! public PolicyFinderResult findPolicy(URI idReference, int type) { return new PolicyFinderResult(); } --- 150,163 ---- * @param type type of reference (policy or policySet) as identified by * the fields in <code>PolicyReference</code> + * @param constraints any optional constraints on the version of the + * referenced policy (this will never be null, but + * it may impose no constraints, and in fact will + * never impose constraints when used from a pre-2.0 + * XACML policy) * * @return the result of looking for a matching policy */ ! public PolicyFinderResult findPolicy(URI idReference, int type, ! VersionConstraints constraints) { return new PolicyFinderResult(); } |
|
From: Seth P. <se...@us...> - 2005-01-07 23:47:53
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv17065/com/sun/xacml Modified Files: PolicyReference.java Added Files: VersionConstraints.java Log Message: added support for policy versioning, a new feature of XACML 2.0 --- NEW FILE: VersionConstraints.java --- /* * @(#)VersionConstraints.java * * Copyright 2005 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * 1. Redistribution of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistribution in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * Neither the name of Sun Microsystems, Inc. or the names of contributors may * be used to endorse or promote products derived from this software without * specific prior written permission. * * This software is provided "AS IS," without a warranty of any kind. ALL * EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING * ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE * OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN") * AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE * AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS * DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST * REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, * INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY * OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE, * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. * * You acknowledge that this software is not designed or intended for use in * the design, construction, operation or maintenance of any nuclear facility. */ package com.sun.xacml; import java.util.StringTokenizer; /** * Supports the three version constraints that can be included with a * policy reference. This class also provides a simple set of comparison * methods for matching against the constraints. Note that this feature * was introduced in XACML 2.0, which means that constraints are never * used in pre-2.0 policy references. * * @since 2.0 * @author Seth Proctor */ public class VersionConstraints { // internal identifiers used to specify the kind of match private static final int COMPARE_EQUAL = 0; private static final int COMPARE_LESS = 1; private static final int COMPARE_GREATER = 2; // the three constraint strings private String version; private String earliest; private String latest; /** * Creates a <code>VersionConstraints</code> with the three optional * constraint strings. Each of the three strings must conform to the * VersionMatchType type defined in the XACML schema. Any of the * strings may be null to specify that the given constraint is not * used. * * @param version a matching constraint on the version or null * @param earliest a lower-bound constraint on the version or null * @param latest an upper-bound constraint on the version or null */ public VersionConstraints(String version, String earliest, String latest) { this.version = version; this.earliest = earliest; this.latest = latest; } /** * Returns the matching constraint string, which will be null if there * is no constraint on matching the version. * * @return the version constraint */ public String getVersionConstraint() { return version; } /** * Returns the lower-bound constraint string, which will be null if there * is no lower-bound constraint on the version. * * @return the lower-bound constraint */ public String getEarliestConstraint() { return earliest; } /** * Returns the upper-bound constraint string, which will be null if there * is no upper-bound constraint on the version. * * @return the upper-bound constraint */ public String getLatestConstraint() { return latest; } /** * Checks if the given version string meets all three constraints. * * @param version the version to compare, which is formatted as a * VersionType XACML type * * @return true if the given version meets all the constraints */ public boolean meetsConstraint(String version) { return (matches(version, this.version) && isEarlier(version, latest) && isLater(version, earliest)); } /** * Checks if the given version string matches the constraint string. * * @param version the version string to check * @param constraint a constraint string to use in matching * * @return true if the version string matches the constraint */ public static boolean matches(String version, String constraint) { return compareHelper(version, constraint, COMPARE_EQUAL); } /** * Checks if the given version string is less-than or equal-to the * constraint string. * * @param version the version string to check * @param constraint a constraint string to use in matching * * @return true if the version string is earlier than the constraint */ public static boolean isEarlier(String version, String constraint) { return compareHelper(version, constraint, COMPARE_LESS); } /** * Checks if the given version string is greater-than or equal-to the * constraint string. * * @param version the version string to check * @param constraint a constraint string to use in matching * * @return true if the version string is later than the constraint */ public static boolean isLater(String version, String constraint) { return compareHelper(version, constraint, COMPARE_GREATER); } /** * Private helper that handles all three comparisons. */ private static boolean compareHelper(String version, String constraint, int type) { // check that a constraint was provided... if (constraint == null) return true; // ...and a version too if (version == null) return false; // setup tokenizers StringTokenizer vtok = new StringTokenizer(version, "."); StringTokenizer ctok = new StringTokenizer(constraint, "."); while (vtok.hasMoreTokens()) { // if there's nothing left in the constraint, then this means // we didn't match, unless this is the greater-than function if (! ctok.hasMoreTokens()) { if (type == COMPARE_GREATER) return true; else return false; } // get the next constraint token... String c = ctok.nextToken(); // ...and if it's a + then it's done and we match if (c.equals("+")) return true; String v = vtok.nextToken(); // if it's a * then we always match, otherwise... if (! c.equals("*")) { // if it's a match then we just keep going, otherwise... if (! v.equals(c)) { // if we're matching on equality, then we failed if (type == COMPARE_EQUAL) return false; // convert both tokens to integers... int cint = Integer.valueOf(c).intValue(); int vint = Integer.valueOf(v).intValue(); // ...and do the right kind of comparison if (type == COMPARE_LESS) return vint <= cint; else return vint >= cint; } } } // if we got here, then we've finished the processing the version, // so see if there's anything more in the constrant, which would // mean we didn't match unless we're doing less-than if (ctok.hasMoreTokens()) { if (type == COMPARE_LESS) return true; else return false; } // we got through everything, so the constraint is met return true; } } Index: PolicyReference.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/PolicyReference.java,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** PolicyReference.java 4 Jun 2004 17:50:39 -0000 1.7 --- PolicyReference.java 7 Jan 2005 23:47:42 -0000 1.8 *************** *** 3,7 **** * @(#)PolicyReference.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)PolicyReference.java * ! * Copyright 2003-2005 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 98,101 **** --- 98,104 ---- private int policyType; + // and version constraints on this reference + private VersionConstraints constraints; + // the finder to use in finding the referenced policy private PolicyFinder finder; *************** *** 110,120 **** * @param reference the reference to the policy * @param policyType one of the two fields in this class * @param finder the <code>PolicyFinder</code> used to handle the reference * * @throws IllegalArgumentException if the input policyType isn't valid */ ! public PolicyReference(URI reference, int policyType, ! PolicyFinder finder) ! throws IllegalArgumentException{ // check if input policyType is a valid value --- 113,128 ---- * @param reference the reference to the policy * @param policyType one of the two fields in this class + * @param constraints any optional constraints on the version of the + * referenced policy (this is never null, but + * it may impose no constraints, and in fact will + * never impose constraints when used from a pre-2.0 + * XACML policy) * @param finder the <code>PolicyFinder</code> used to handle the reference * * @throws IllegalArgumentException if the input policyType isn't valid */ ! public PolicyReference(URI reference, int policyType, ! VersionConstraints constraints, PolicyFinder finder) ! throws IllegalArgumentException { // check if input policyType is a valid value *************** *** 126,129 **** --- 134,138 ---- this.reference = reference; this.policyType = policyType; + this.constraints = constraints; this.finder = finder; } *************** *** 145,148 **** --- 154,158 ---- int policyType; + // see what type of reference we are String name = root.getNodeName(); if (name.equals("PolicyIdReference")) { *************** *** 154,157 **** --- 164,168 ---- } + // next get the reference try { reference = new URI(root.getFirstChild().getNodeValue()); *************** *** 160,164 **** } ! return new PolicyReference(reference, policyType, finder); } --- 171,227 ---- } ! // now get any constraints ! NamedNodeMap map = root.getAttributes(); ! ! String versionConstraint = null; ! Node versionNode = map.getNamedItem("Version"); ! if (versionNode != null) ! versionConstraint = versionNode.getNodeValue(); ! ! String earlyConstraint = null; ! Node earlyNode = map.getNamedItem("EarliestVersion"); ! if (earlyNode != null) ! earlyConstraint = earlyNode.getNodeValue(); ! ! String lateConstraint = null; ! Node lateNode = map.getNamedItem("LatestVersion"); ! if (lateNode != null) ! lateConstraint = lateNode.getNodeValue(); ! ! VersionConstraints constraints = ! new VersionConstraints(versionConstraint, earlyConstraint, ! lateConstraint); ! ! // finally, create the reference ! return new PolicyReference(reference, policyType, constraints, finder); ! } ! ! /** ! * Returns the refernce identitfier used to resolve the policy. ! * ! * @return the reference <code>URI</code> ! */ ! public URI getReference() { ! return reference; ! } ! ! /** ! * Returns the version constraints associated with this reference. This ! * will never be null, though the constraints may be empty. ! * ! * @return the version constraints ! */ ! public VersionConstraints getConstraints() { ! return constraints; ! } ! ! /** ! * Returns whether this is a reference to a policy or to a policy set. ! * ! * @return the reference type, either <code>POLICY_REFERENCE</code> ! * or <code>POLICYSET_REFERENCE</code> ! */ ! public int getReferenceType() { ! return policyType; } *************** *** 176,179 **** --- 239,254 ---- /** + * Returns the version of this policy. If the policy is invalid or can't + * be retrieved, then a runtime exception is thrown. + * + * @return the policy version + * + * @throws ProcessingException if the referenced policy can't be retrieved + */ + public String getVersion() { + return resolvePolicy().getVersion(); + } + + /** * Returns the combining algorithm used by this policy. If the policy is * invalid or can't be retrieved, then a runtime exception is thrown. *************** *** 238,241 **** --- 313,329 ---- /** + * Returns the child policy nodes and their associated parameters. If + * the policy is invalid or can't be retrieved, then a runtime exception + * is thrown. + * + * @return a <code>List</code> of <code>CombinerElement</code>s + * + * @throws ProcessingException if the referenced policy can't be retrieved + */ + public List getChildElements() { + return resolvePolicy().getChildElements(); + } + + /** * Returns the Set of obligations for this policy, which may be empty if * there are no obligations. If the policy is invalid or can't be *************** *** 289,293 **** } ! PolicyFinderResult pfr = finder.findPolicy(reference, policyType); if (pfr.notApplicable()) --- 377,382 ---- } ! PolicyFinderResult pfr = finder.findPolicy(reference, policyType, ! constraints); if (pfr.notApplicable()) *************** *** 316,320 **** context.getResourceId().encode()); ! PolicyFinderResult pfr = finder.findPolicy(reference, policyType); // if we found nothing, then we return NotApplicable --- 405,410 ---- context.getResourceId().encode()); ! PolicyFinderResult pfr = finder.findPolicy(reference, policyType, ! constraints); // if we found nothing, then we return NotApplicable *************** *** 354,366 **** PrintStream out = new PrintStream(output); String encoded = indenter.makeString(); ! if (policyType == POLICY_REFERENCE) { ! out.println(encoded + "<PolicyIdReference>" + ! reference.toString() + "</PolicyIdReference>"); } else { ! out.println(encoded + "<PolicySetIdReference>" + ! reference.toString() + "</PolicySetIdReference>"); } } } --- 444,479 ---- PrintStream out = new PrintStream(output); String encoded = indenter.makeString(); ! if (policyType == POLICY_REFERENCE) { ! out.println(encoded + "<PolicyIdReference" + encodeConstraints() + ! ">" + reference.toString() + "</PolicyIdReference>"); } else { ! out.println(encoded + "<PolicySetIdReference" + ! encodeConstraints() + ">" + reference.toString() + ! "</PolicySetIdReference>"); } } + /** + * Private helper method that encodes the variable constraints info + */ + private String encodeConstraints() { + String str = ""; + VersionConstraints version = getConstraints(); + + String v = version.getVersionConstraint(); + if (v != null) + str += " Version=\"" + v + "\""; + + String e = version.getEarliestConstraint(); + if (e != null) + str += " EarliestVersion=\"" + e + "\""; + + String l = version.getLatestConstraint(); + if (l != null) + str += " LatestVersion=\"" + l + "\""; + + return str; + } + } |
|
From: Seth P. <se...@us...> - 2005-01-07 23:46:44
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv16789/com/sun/xacml Modified Files: AbstractPolicy.java Policy.java PolicySet.java Log Message: added core support for policy versioning, variable referencing, and combining algorithm parameters, three of the major new features in XACML 2.0 Index: PolicySet.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/PolicySet.java,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** PolicySet.java 17 Mar 2004 18:03:37 -0000 1.5 --- PolicySet.java 7 Jan 2005 23:46:33 -0000 1.6 *************** *** 3,7 **** * @(#)PolicySet.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)PolicySet.java * ! * Copyright 2003-2005 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 37,40 **** --- 37,42 ---- package com.sun.xacml; + import com.sun.xacml.combine.CombinerParameter; + import com.sun.xacml.combine.PolicyCombinerElement; import com.sun.xacml.combine.PolicyCombiningAlgorithm; *************** *** 49,52 **** --- 51,55 ---- import java.util.ArrayList; + import java.util.HashMap; import java.util.Iterator; import java.util.List; *************** *** 79,83 **** public PolicySet(URI id, PolicyCombiningAlgorithm combiningAlg, Target target) { ! this(id, combiningAlg, null, target, null, null, null); } --- 82,86 ---- public PolicySet(URI id, PolicyCombiningAlgorithm combiningAlg, Target target) { ! this(id, null, combiningAlg, null, target, null, null, null); } *************** *** 98,122 **** public PolicySet(URI id, PolicyCombiningAlgorithm combiningAlg, Target target, List policies) { ! this(id, combiningAlg, null, target, policies, null, null); ! } ! ! /** ! * Creates a new <code>PolicySet</code> with the required elements plus ! * some policies and policy defaults. ! * ! * @param id the policy set identifier ! * @param combiningAlg the <code>CombiningAlgorithm</code> used on the ! * policies in this set ! * @param target the <code>Target</code> for this set ! * @param policies a list of <code>AbstractPolicy</code> objects ! * @param defaultVersion the XPath version to use ! * ! * @throws IllegalArgumentException if the <code>List</code> of policies ! * contains an object that is not an ! * <code>AbstractPolicy</code> ! */ ! public PolicySet(URI id, PolicyCombiningAlgorithm combiningAlg, ! Target target, List policies, String defaultVersion) { ! this(id, combiningAlg, null, target, policies, defaultVersion, null); } --- 101,105 ---- public PolicySet(URI id, PolicyCombiningAlgorithm combiningAlg, Target target, List policies) { ! this(id, null, combiningAlg, null, target, policies, null, null); } *************** *** 126,129 **** --- 109,114 ---- * * @param id the policy set identifier + * @param version the policy version or null for the default (this is + * always null for pre-2.0 policies) * @param combiningAlg the <code>CombiningAlgorithm</code> used on the * policies in this set *************** *** 136,142 **** * <code>AbstractPolicy</code> */ ! public PolicySet(URI id, PolicyCombiningAlgorithm combiningAlg, String description, Target target, List policies) { ! this(id, combiningAlg, description, target, policies, null, null); } --- 121,129 ---- * <code>AbstractPolicy</code> */ ! public PolicySet(URI id, String version, ! PolicyCombiningAlgorithm combiningAlg, String description, Target target, List policies) { ! this(id, version, combiningAlg, description, target, policies, null, ! null); } *************** *** 146,149 **** --- 133,138 ---- * * @param id the policy set identifier + * @param version the policy version or null for the default (this is + * always null for pre-2.0 policies) * @param combiningAlg the <code>CombiningAlgorithm</code> used on the * policies in this set *************** *** 157,165 **** * <code>AbstractPolicy</code> */ ! public PolicySet(URI id, PolicyCombiningAlgorithm combiningAlg, String description, Target target, List policies, String defaultVersion) { ! this(id, combiningAlg, description, target, policies, defaultVersion, ! null); } --- 146,155 ---- * <code>AbstractPolicy</code> */ ! public PolicySet(URI id, String version, ! PolicyCombiningAlgorithm combiningAlg, String description, Target target, List policies, String defaultVersion) { ! this(id, version, combiningAlg, description, target, policies, ! defaultVersion, null); } *************** *** 169,172 **** --- 159,164 ---- * * @param id the policy set identifier + * @param version the policy version or null for the default (this is + * always null for pre-2.0 policies) * @param combiningAlg the <code>CombiningAlgorithm</code> used on the * policies in this set *************** *** 181,192 **** * <code>AbstractPolicy</code> */ ! public PolicySet(URI id, PolicyCombiningAlgorithm combiningAlg, String description, Target target, List policies, String defaultVersion, Set obligations) { ! super(id, combiningAlg, description, target, defaultVersion, ! obligations); // check that the list contains only AbstractPolicy objects if (policies != null) { Iterator it = policies.iterator(); while (it.hasNext()) { --- 173,188 ---- * <code>AbstractPolicy</code> */ ! public PolicySet(URI id, String version, ! PolicyCombiningAlgorithm combiningAlg, String description, Target target, List policies, String defaultVersion, Set obligations) { ! super(id, version, combiningAlg, description, target, defaultVersion, ! obligations, null); ! ! List list = null; // check that the list contains only AbstractPolicy objects if (policies != null) { + list = new ArrayList(); Iterator it = policies.iterator(); while (it.hasNext()) { *************** *** 195,205 **** throw new IllegalArgumentException("non-AbstractPolicy " + "in policies"); } } ! setChildren(policies); } /** * Creates a new PolicySet based on the given root node. This is * private since every class is supposed to use a getInstance() method --- 191,253 ---- throw new IllegalArgumentException("non-AbstractPolicy " + "in policies"); + list.add(new PolicyCombinerElement((AbstractPolicy)o)); } } ! setChildren(list); } /** + * Creates a new <code>PolicySet</code> with the required and optional + * elements. If you need to provide combining algorithm parameters, you + * need to use this constructor. Note that unlike the other constructors + * in this class, the policies list is actually a list of + * <code>CombinerElement</code>s used to match a policy with any + * combiner parameters it may have. + * + * @param id the policy set identifier + * @param version the policy version or null for the default (this is + * always null for pre-2.0 policies) + * @param combiningAlg the <code>CombiningAlgorithm</code> used on the + * rules in this set + * @param description a <code>String</code> describing the policy or + * null if there is no description + * @param target the <code>Target</code> for this policy + * @param policyElements a list of <code>CombinerElement</code> objects or + * null if there are no policies + * @param defaultVersion the XPath version to use or null if there is + * no default version + * @param obligations a set of <code>Obligations</code> objects or null + * if there are no obligations + * @param parameters the <code>List</code> of + * <code>CombinerParameter</code>s provided for general + * use by the combining algorithm + * + * @throws IllegalArgumentException if the <code>List</code> of rules + * contains an object that is not a + * <code>Rule</code> + */ + public PolicySet(URI id, String version, + PolicyCombiningAlgorithm combiningAlg, + String description, Target target, List policyElements, + String defaultVersion, Set obligations, List parameters) { + super(id, version, combiningAlg, description, target, defaultVersion, + obligations, parameters); + + // check that the list contains only CombinerElements + if (policyElements != null) { + Iterator it = policyElements.iterator(); + while (it.hasNext()) { + Object o = it.next(); + if (! (o instanceof PolicyCombinerElement)) + throw new IllegalArgumentException("non-AbstractPolicy " + + "in policies"); + } + } + + setChildren(policyElements); + } + + /** * Creates a new PolicySet based on the given root node. This is * private since every class is supposed to use a getInstance() method *************** *** 211,215 **** --- 259,266 ---- List policies = new ArrayList(); + HashMap policyParameters = new HashMap(); + HashMap policySetParameters = new HashMap(); + // collect the PolicySet-specific elements NodeList children = root.getChildNodes(); for (int i = 0; i < children.getLength(); i++) { *************** *** 225,232 **** } else if (name.equals("PolicyIdReference")) { policies.add(PolicyReference.getInstance(child, finder)); ! } } ! setChildren(policies); } --- 276,361 ---- } else if (name.equals("PolicyIdReference")) { policies.add(PolicyReference.getInstance(child, finder)); ! } else if (name.equals("PolicyCombinerParameters")) { ! paramaterHelper(policyParameters, child, "Policy"); ! } else if (name.equals("PolicySetCombinerParameters")) { ! paramaterHelper(policySetParameters, child, "PolicySet"); ! } } ! // now make sure that we can match up any parameters we may have ! // found to a cooresponding Policy or PolicySet... ! List elements = new ArrayList(); ! Iterator it = policies.iterator(); ! ! // right now we have to go though each policy and based on several ! // possible cases figure out what paranmeters might apply...but ! // there should be a better way to do this ! ! while (it.hasNext()) { ! AbstractPolicy policy = (AbstractPolicy)(it.next()); ! List list = null; ! ! if (policy instanceof Policy) { ! list = (List)(policyParameters.remove(policy.getId(). ! toString())); ! } else if (policy instanceof PolicySet) { ! list = (List)(policySetParameters.remove(policy.getId(). ! toString())); ! } else { ! PolicyReference ref = (PolicyReference)policy; ! String id = ref.getReference().toString(); ! ! if (ref.getReferenceType() == ! PolicyReference.POLICY_REFERENCE) ! list = (List)(policyParameters.remove(id)); ! else ! list = (List)(policySetParameters.remove(id)); ! } ! ! elements.add(new PolicyCombinerElement(policy, list)); ! } ! ! // ...and that there aren't extra parameters ! if (! policyParameters.isEmpty()) ! throw new ParsingException("Unmatched parameters in Policy"); ! if (! policySetParameters.isEmpty()) ! throw new ParsingException("Unmatched parameters in PolicySet"); ! ! // finally, set the list of Rules ! setChildren(elements); ! } ! ! /** ! * Private helper method that handles parsing a collection of ! * parameters ! */ ! private void paramaterHelper(HashMap parameters, Node root, ! String prefix) throws ParsingException { ! String ref = root.getAttributes().getNamedItem(prefix + "IdRef"). ! getNodeValue(); ! ! if (parameters.containsKey(ref)) { ! List list = (List)(parameters.get(ref)); ! parseParameters(list, root); ! } else { ! List list = new ArrayList(); ! parseParameters(list, root); ! parameters.put(ref, list); ! } ! } ! ! /** ! * Private helper method that handles parsing a single parameter. ! */ ! private void parseParameters(List parameters, Node root) ! throws ParsingException ! { ! NodeList nodes = root.getChildNodes(); ! ! for (int i = 0; i < nodes.getLength(); i++) { ! Node node = nodes.item(i); ! if (node.getNodeName().equals("CombinerParameter")) ! parameters.add(CombinerParameter.getInstance(node)); ! } } *************** *** 309,312 **** --- 438,442 ---- "</XPathVersion></PolicySetDefaults>"); + getTarget().encode(output, indenter); encodeCommonElements(output, indenter); Index: AbstractPolicy.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/AbstractPolicy.java,v retrieving revision 1.11 retrieving revision 1.12 diff -C2 -d -r1.11 -r1.12 *** AbstractPolicy.java 4 Jun 2004 17:50:39 -0000 1.11 --- AbstractPolicy.java 7 Jan 2005 23:46:32 -0000 1.12 *************** *** 3,7 **** * @(#)AbstractPolicy.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)AbstractPolicy.java * ! * Copyright 2003-2005 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 37,40 **** --- 37,42 ---- package com.sun.xacml; + import com.sun.xacml.combine.CombinerElement; + import com.sun.xacml.combine.CombinerParameter; import com.sun.xacml.combine.CombiningAlgorithm; import com.sun.xacml.combine.CombiningAlgFactory; *************** *** 82,85 **** --- 84,88 ---- // atributes associated with this policy private URI idAttr; + private String version; private CombiningAlgorithm combiningAlg; *************** *** 91,100 **** private String defaultVersion; ! // the elements we run through the combining algorithm private List children; // any obligations held by this policy private Set obligations; // the logger we'll use for all messages private static final Logger logger = --- 94,108 ---- private String defaultVersion; ! // the elements we run through the combining algorithm and the same list ! // paired with with their cooresponding elements private List children; + private List childElements; // any obligations held by this policy private Set obligations; + // the list of combiner parameters + private List parameters; + // the logger we'll use for all messages private static final Logger logger = *************** *** 113,123 **** * * @param id the policy id * @param combiningAlg the combining algorithm to use * @param description describes the policy or null if there is none * @param target the policy's target */ ! protected AbstractPolicy(URI id, CombiningAlgorithm combiningAlg, String description, Target target) { ! this(id, combiningAlg, description, target, null); } --- 121,134 ---- * * @param id the policy id + * @param version the policy version or null for the default (this is + * always null for pre-2.0 policies) * @param combiningAlg the combining algorithm to use * @param description describes the policy or null if there is none * @param target the policy's target */ ! protected AbstractPolicy(URI id, String version, ! CombiningAlgorithm combiningAlg, String description, Target target) { ! this(id, version, combiningAlg, description, target, null); } *************** *** 126,129 **** --- 137,142 ---- * * @param id the policy id + * @param version the policy version or null for the default (this is + * always null for pre-2.0 policies) * @param combiningAlg the combining algorithm to use * @param description describes the policy or null if there is none *************** *** 131,138 **** * @param defaultVersion the XPath version to use for selectors */ ! protected AbstractPolicy(URI id, CombiningAlgorithm combiningAlg, String description, Target target, String defaultVersion) { ! this(id, combiningAlg, description, target, defaultVersion, null); } --- 144,153 ---- * @param defaultVersion the XPath version to use for selectors */ ! protected AbstractPolicy(URI id, String version, ! CombiningAlgorithm combiningAlg, String description, Target target, String defaultVersion) { ! this(id, version, combiningAlg, description, target, defaultVersion, ! null, null); } *************** *** 141,144 **** --- 156,161 ---- * * @param id the policy id + * @param version the policy version or null for the default (this is + * always null for pre-2.0 policies) * @param combiningAlg the combining algorithm to use * @param description describes the policy or null if there is none *************** *** 147,153 **** * @param obligations the policy's obligations */ ! protected AbstractPolicy(URI id, CombiningAlgorithm combiningAlg, String description, Target target, ! String defaultVersion, Set obligations) { idAttr = id; this.combiningAlg = combiningAlg; --- 164,172 ---- * @param obligations the policy's obligations */ ! protected AbstractPolicy(URI id, String version, ! CombiningAlgorithm combiningAlg, String description, Target target, ! String defaultVersion, Set obligations, ! List parameters) { idAttr = id; this.combiningAlg = combiningAlg; *************** *** 156,159 **** --- 175,183 ---- this.defaultVersion = defaultVersion; + if (version == null) + this.version = "1.0"; + else + this.version = version; + if (obligations == null) this.obligations = Collections.EMPTY_SET; *************** *** 161,164 **** --- 185,194 ---- this.obligations = Collections. unmodifiableSet(new HashSet(obligations)); + + if (parameters == null) + this.parameters = Collections.EMPTY_LIST; + else + this.parameters = Collections. + unmodifiableList(new ArrayList(parameters)); } *************** *** 186,190 **** policyPrefix + "Id", e); } ! // now get the combining algorithm... try { --- 216,229 ---- policyPrefix + "Id", e); } ! ! // see if there's a version ! Node versionNode = attrs.getNamedItem("Version"); ! if (versionNode != null) { ! version = versionNode.getNodeValue(); ! } else { ! // assign the default version ! version = "1.0"; ! } ! // now get the combining algorithm... try { *************** *** 210,213 **** --- 249,253 ---- obligations = new HashSet(); + parameters = new ArrayList(); // now read the policy elements *************** *** 225,228 **** --- 265,270 ---- } else if (cname.equals(policyPrefix + "Defaults")) { handleDefaults(child); + } else if (cname.equals("CombinerParameters")) { + handleParameters(child); } } *************** *** 267,270 **** --- 309,325 ---- /** + * Handles all the CombinerParameters in the policy or policy set + */ + private void handleParameters(Node root) throws ParsingException { + NodeList nodes = root.getChildNodes(); + + for (int i = 0; i < nodes.getLength(); i++) { + Node node = nodes.item(i); + if (node.getNodeName().equals("CombinerParameter")) + parameters.add(CombinerParameter.getInstance(node)); + } + } + + /** * Returns the id of this policy * *************** *** 276,279 **** --- 331,343 ---- /** + * Returns the version of this policy + * + * @return the policy version + */ + public String getVersion() { + return version; + } + + /** * Returns the combining algorithm used by this policy * *************** *** 325,328 **** --- 389,404 ---- /** + * Returns the <code>List</code> of <code>CombinerElement</code>s that + * is provided to the combining algorithm. This returns the same set + * of children that <code>getChildren</code> provides along with any + * associated combiner parameters. + * + * @return a <code>List</code> of <code>CombinerElement</code>s + */ + public List getChildElements() { + return childElements; + } + + /** * Returns the Set of obligations for this policy, which may be empty * *************** *** 351,356 **** * Sets the child policy tree elements for this node, which are passed * to the combining algorithm on evaluation. The <code>List</code> must ! * contain <code>Rule</code>s or <code>AbstractPolicy</code>s, but may ! * not contain both types of elements. * * @param children the child elements used by the combining algorithm --- 427,433 ---- * Sets the child policy tree elements for this node, which are passed * to the combining algorithm on evaluation. The <code>List</code> must ! * contain <code>CombinerElement</code>s, which in turn will contain ! * <code>Rule</code>s or <code>AbstractPolicy</code>s, but may not ! * contain both types of elements. * * @param children the child elements used by the combining algorithm *************** *** 364,368 **** // NOTE: since this is only getting called by known child // classes we don't check that the types are all the same ! this.children = Collections.unmodifiableList(children); } } --- 441,454 ---- // NOTE: since this is only getting called by known child // classes we don't check that the types are all the same ! List list = new ArrayList(); ! Iterator it = children.iterator(); ! ! while (it.hasNext()) { ! CombinerElement element = (CombinerElement)(it.next()); ! list.add(element.getElement()); ! } ! ! this.children = Collections.unmodifiableList(list); ! childElements = Collections.unmodifiableList(children); } } *************** *** 380,384 **** public Result evaluate(EvaluationCtx context) { // evaluate ! Result result = combiningAlg.combine(context, children); // if we have no obligations, we're done --- 466,471 ---- public Result evaluate(EvaluationCtx context) { // evaluate ! Result result = combiningAlg.combine(context, parameters, ! childElements); // if we have no obligations, we're done *************** *** 415,423 **** protected void encodeCommonElements(OutputStream output, Indenter indenter) { - target.encode(output, indenter); - Iterator it = children.iterator(); while (it.hasNext()) { ! ((PolicyTreeElement)(it.next())).encode(output, indenter); } --- 502,508 ---- protected void encodeCommonElements(OutputStream output, Indenter indenter) { Iterator it = children.iterator(); while (it.hasNext()) { ! ((CombinerElement)(it.next())).encode(output, indenter); } Index: Policy.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/Policy.java,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** Policy.java 17 Mar 2004 18:03:37 -0000 1.6 --- Policy.java 7 Jan 2005 23:46:32 -0000 1.7 *************** *** 3,7 **** * @(#)Policy.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)Policy.java * ! * Copyright 2003-2005 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 37,42 **** --- 37,47 ---- package com.sun.xacml; + import com.sun.xacml.combine.CombinerParameter; + import com.sun.xacml.combine.RuleCombinerElement; import com.sun.xacml.combine.RuleCombiningAlgorithm; + import com.sun.xacml.cond.VariableDefinition; + import com.sun.xacml.cond.VariableManager; + import com.sun.xacml.ctx.Result; *************** *** 47,50 **** --- 52,58 ---- import java.util.ArrayList; + import java.util.Collections; + import java.util.HashMap; + import java.util.HashSet; import java.util.Iterator; import java.util.List; *************** *** 67,70 **** --- 75,81 ---- { + // the set of variable definitions in this policy + private Set definitions; + /** * Creates a new <code>Policy</code> with only the required elements. *************** *** 76,85 **** */ public Policy(URI id, RuleCombiningAlgorithm combiningAlg, Target target) { ! this(id, combiningAlg, null, target, null, null, null); } /** * Creates a new <code>Policy</code> with only the required elements ! * plus some rules. * * @param id the policy identifier --- 87,96 ---- */ public Policy(URI id, RuleCombiningAlgorithm combiningAlg, Target target) { ! this(id, null, combiningAlg, null, target, null, null, null); } /** * Creates a new <code>Policy</code> with only the required elements ! * plus rules. * * @param id the policy identifier *************** *** 95,110 **** public Policy(URI id, RuleCombiningAlgorithm combiningAlg, Target target, List rules) { ! this(id, combiningAlg, null, target, null, rules, null); } /** * Creates a new <code>Policy</code> with the required elements plus ! * some rules and policy defaults. * * @param id the policy identifier * @param combiningAlg the <code>CombiningAlgorithm</code> used on the * rules in this set * @param target the <code>Target</code> for this policy - * @param defaultVersion the XPath version to use * @param rules a list of <code>Rule</code> objects * --- 106,123 ---- public Policy(URI id, RuleCombiningAlgorithm combiningAlg, Target target, List rules) { ! this(id, null, combiningAlg, null, target, null, rules, null); } /** * Creates a new <code>Policy</code> with the required elements plus ! * rules and a String description. * * @param id the policy identifier + * @param version the policy version or null for the default (this is + * always null for pre-2.0 policies) * @param combiningAlg the <code>CombiningAlgorithm</code> used on the * rules in this set + * @param description a <code>String</code> describing the policy * @param target the <code>Target</code> for this policy * @param rules a list of <code>Rule</code> objects * *************** *** 113,130 **** * <code>Rule</code> */ ! public Policy(URI id, RuleCombiningAlgorithm combiningAlg, Target target, ! String defaultVersion, List rules) { ! this(id, combiningAlg, null, target, defaultVersion, rules, null); } /** * Creates a new <code>Policy</code> with the required elements plus ! * some rules and a String description. * * @param id the policy identifier * @param combiningAlg the <code>CombiningAlgorithm</code> used on the * rules in this set * @param description a <code>String</code> describing the policy * @param target the <code>Target</code> for this policy * @param rules a list of <code>Rule</code> objects * --- 126,147 ---- * <code>Rule</code> */ ! public Policy(URI id, String version, RuleCombiningAlgorithm combiningAlg, ! String description, Target target, List rules) { ! this(id, version, combiningAlg, description, target, null, rules, ! null); } /** * Creates a new <code>Policy</code> with the required elements plus ! * rules, a String description and policy defaults. * * @param id the policy identifier + * @param version the policy version or null for the default (this is + * always null for pre-2.0 policies) * @param combiningAlg the <code>CombiningAlgorithm</code> used on the * rules in this set * @param description a <code>String</code> describing the policy * @param target the <code>Target</code> for this policy + * @param defaultVersion the XPath version to use * @param rules a list of <code>Rule</code> objects * *************** *** 133,146 **** * <code>Rule</code> */ ! public Policy(URI id, RuleCombiningAlgorithm combiningAlg, ! String description, Target target, List rules) { ! this(id, combiningAlg, description, target, null, rules, null); } /** * Creates a new <code>Policy</code> with the required elements plus ! * some rules, a String description and policy defaults. * * @param id the policy identifier * @param combiningAlg the <code>CombiningAlgorithm</code> used on the * rules in this set --- 150,167 ---- * <code>Rule</code> */ ! public Policy(URI id, String version, RuleCombiningAlgorithm combiningAlg, ! String description, Target target, String defaultVersion, ! List rules) { ! this(id, version, combiningAlg, description, target, defaultVersion, ! rules, null); } /** * Creates a new <code>Policy</code> with the required elements plus ! * rules, a String description, policy defaults, and obligations. * * @param id the policy identifier + * @param version the policy version or null for the default (this is + * always null for pre-2.0 policies) * @param combiningAlg the <code>CombiningAlgorithm</code> used on the * rules in this set *************** *** 149,152 **** --- 170,174 ---- * @param defaultVersion the XPath version to use * @param rules a list of <code>Rule</code> objects + * @param obligations a set of <code>Obligations</code> objects * * @throws IllegalArgumentException if the <code>List</code> of rules *************** *** 154,169 **** * <code>Rule</code> */ ! public Policy(URI id, RuleCombiningAlgorithm combiningAlg, String description, Target target, String defaultVersion, ! List rules) { ! this(id, combiningAlg, description, target, defaultVersion, rules, ! null); } /** * Creates a new <code>Policy</code> with the required elements plus ! * some rules, a String description, policy defaults, and obligations. * * @param id the policy identifier * @param combiningAlg the <code>CombiningAlgorithm</code> used on the * rules in this set --- 176,194 ---- * <code>Rule</code> */ ! public Policy(URI id, String version, RuleCombiningAlgorithm combiningAlg, String description, Target target, String defaultVersion, ! List rules, Set obligations) { ! this(id, version, combiningAlg, description, target, defaultVersion, ! rules, obligations, null); } /** * Creates a new <code>Policy</code> with the required elements plus ! * rules, a String description, policy defaults, obligations, and ! * variable definitions. * * @param id the policy identifier + * @param version the policy version or null for the default (this is + * always null for pre-2.0 policies) * @param combiningAlg the <code>CombiningAlgorithm</code> used on the * rules in this set *************** *** 173,176 **** --- 198,204 ---- * @param rules a list of <code>Rule</code> objects * @param obligations a set of <code>Obligations</code> objects + * @param definitions a set of <code>VariableDefinition</code> objects + * that must provide all definitions referenced by + * all <code>VariableReference</code>s in the policy * * @throws IllegalArgumentException if the <code>List</code> of rules *************** *** 178,189 **** * <code>Rule</code> */ ! public Policy(URI id, RuleCombiningAlgorithm combiningAlg, String description, Target target, String defaultVersion, ! List rules, Set obligations) { ! super(id, combiningAlg, description, target, defaultVersion, ! obligations); // check that the list contains only rules if (rules != null) { Iterator it = rules.iterator(); while (it.hasNext()) { --- 206,220 ---- * <code>Rule</code> */ ! public Policy(URI id, String version, RuleCombiningAlgorithm combiningAlg, String description, Target target, String defaultVersion, ! List rules, Set obligations, Set definitions) { ! super(id, version, combiningAlg, description, target, defaultVersion, ! obligations, null); ! ! List list = null; // check that the list contains only rules if (rules != null) { + list = new ArrayList(); Iterator it = rules.iterator(); while (it.hasNext()) { *************** *** 191,200 **** if (! (o instanceof Rule)) throw new IllegalArgumentException("non-Rule in rules"); ! } } ! setChildren(rules); } /** * Creates a new Policy based on the given root node. This is --- 222,301 ---- if (! (o instanceof Rule)) throw new IllegalArgumentException("non-Rule in rules"); ! list.add(new RuleCombinerElement((Rule)o)); ! } } ! setChildren(list); ! ! // save the definitions ! if (definitions == null) ! this.definitions = Collections.EMPTY_SET; ! else ! this.definitions = Collections. ! unmodifiableSet(new HashSet(definitions)); } + + + /** + * Creates a new <code>Policy</code> with the required and optional + * elements. If you need to provide combining algorithm parameters, you + * need to use this constructor. Note that unlike the other constructors + * in this class, the rules list is actually a list of + * <code>CombinerElement</code>s used to match a rule with any + * combiner parameters it may have. + * + * @param id the policy identifier + * @param version the policy version or null for the default (this is + * always null for pre-2.0 policies) + * @param combiningAlg the <code>CombiningAlgorithm</code> used on the + * rules in this set + * @param description a <code>String</code> describing the policy or + * null if there is no description + * @param target the <code>Target</code> for this policy + * @param defaultVersion the XPath version to use or null if there is + * no default version + * @param ruleElements a list of <code>RuleCombinerElement</code> objects + * or null if there are no rules + * @param obligations a set of <code>Obligations</code> objects or null + * if there are no obligations + * @param definitions a set of <code>VariableDefinition</code> objects + * that must provide all definitions referenced by + * all <code>VariableReference</code>s in the policy + * @param parameters the <code>List</code> of + * <code>CombinerParameter</code>s provided for general + * use by the combining algorithm + * + * @throws IllegalArgumentException if the <code>List</code> of rules + * contains an object that is not a + * <code>RuleCombinerElement</code> + */ + public Policy(URI id, String version, RuleCombiningAlgorithm combiningAlg, + String description, Target target, String defaultVersion, + List ruleElements, Set obligations, Set definitions, + List parameters) { + super(id, version, combiningAlg, description, target, defaultVersion, + obligations, parameters); + + // check that the list contains only RuleCombinerElements + if (ruleElements != null) { + Iterator it = ruleElements.iterator(); + while (it.hasNext()) { + Object o = it.next(); + if (! (o instanceof RuleCombinerElement)) + throw new IllegalArgumentException("non-Rule in rules"); + } + } + + setChildren(ruleElements); + + // save the definitions + if (definitions == null) + this.definitions = Collections.EMPTY_SET; + else + this.definitions = Collections. + unmodifiableSet(new HashSet(definitions)); + } + /** * Creates a new Policy based on the given root node. This is *************** *** 207,220 **** List rules = new ArrayList(); String xpathVersion = getDefaultVersion(); NodeList children = root.getChildNodes(); for (int i = 0; i < children.getLength(); i++) { Node child = children.item(i); ! if (child.getNodeName().equals("Rule")) ! rules.add(Rule.getInstance(child, xpathVersion)); } ! setChildren(rules); } --- 308,413 ---- List rules = new ArrayList(); + HashMap parameters = new HashMap(); String xpathVersion = getDefaultVersion(); + HashMap variableIds = new HashMap(); + // first off, go through and look for any definitions to get their + // identifiers up front, since before we parse any references we'll + // need to know what definitions we support NodeList children = root.getChildNodes(); for (int i = 0; i < children.getLength(); i++) { Node child = children.item(i); ! if (child.getNodeName().equals("VariableDefinition")) { ! String id = child.getAttributes(). ! getNamedItem("VariableId").getNodeValue(); ! ! // it's an error to have more than one definition with the ! // same identifier ! if (variableIds.containsKey(id)) ! throw new ParsingException("multiple definitions for " + ! "variable " + id); ! ! variableIds.put(id, child); ! } } ! // now create a manager with the defined variable identifiers ! VariableManager manager = new VariableManager(variableIds, ! xpathVersion); ! definitions = new HashSet(); ! ! // next, collect the Policy-specific elements ! for (int i = 0; i < children.getLength(); i++) { ! Node child = children.item(i); ! String name = child.getNodeName(); ! ! if (name.equals("Rule")) { ! rules.add(Rule.getInstance(child, xpathVersion, manager)); ! } else if (name.equals("RuleCombinerParameters")) { ! String ref = child.getAttributes().getNamedItem("RuleIdRef"). ! getNodeValue(); ! ! // if we found the parameter before than add it the end of ! // the previous paramters, otherwise create a new entry ! if (parameters.containsKey(ref)) { ! List list = (List)(parameters.get(ref)); ! parseParameters(list, child); ! } else { ! List list = new ArrayList(); ! parseParameters(list, child); ! parameters.put(ref, list); ! } ! } else if (name.equals("VariableDefinition")) { ! String id = child.getAttributes(). ! getNamedItem("VariableId").getNodeValue(); ! ! // parsing definitions is a little strange, since they can ! // contain references to definitions we haven't yet parsed ! // or circular references, but we still want to verify the ! // references and the types...so, for each definition, we ! // ask the manager though getDefinition, which takes care ! // of loading any forward references, handles loops, etc. ! // It also handles caching definitions, so we don't end ! // up parsing the same definitions multiple times ! definitions.add(manager.getDefinition(id)); ! } ! } ! ! definitions = Collections.unmodifiableSet(definitions); ! ! // now make sure that we can match up any parameters we may have ! // found to a cooresponding Rule... ! List elements = new ArrayList(); ! Iterator it = rules.iterator(); ! ! while (it.hasNext()) { ! Rule rule = (Rule)(it.next()); ! String id = rule.getId().toString(); ! List list = (List)(parameters.remove(id)); ! ! elements.add(new RuleCombinerElement(rule, list)); ! } ! ! // ...and that there aren't extra parameters ! if (! parameters.isEmpty()) ! throw new ParsingException("Unmatched parameters in Rule"); ! ! // finally, set the list of Rules ! setChildren(elements); ! } ! ! /** ! * Helper method that parses out a collection of combiner parameters. ! */ ! private void parseParameters(List parameters, Node root) ! throws ParsingException ! { ! NodeList nodes = root.getChildNodes(); ! ! for (int i = 0; i < nodes.getLength(); i++) { ! Node node = nodes.item(i); ! if (node.getNodeName().equals("CombinerParameter")) ! parameters.add(CombinerParameter.getInstance(node)); ! } } *************** *** 239,242 **** --- 432,444 ---- /** + * Returns the variable definitions in this Policy. + * + * @return a <code>Set</code> of <code>VariableDefinition</code>s + */ + public Set getVariableDefinitions() { + return definitions; + } + + /** * Encodes this <code>Policy</code> into its XML representation and writes * this encoding to the given <code>OutputStream</code> with no *************** *** 279,282 **** --- 481,490 ---- "</XPathVersion></PolicyDefaults>"); + getTarget().encode(output, indenter); + + Iterator it = definitions.iterator(); + while (it.hasNext()) + ((VariableDefinition)(it.next())).encode(output, indenter); + encodeCommonElements(output, indenter); |
|
From: Seth P. <se...@us...> - 2004-12-20 21:21:24
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv28021/com/sun/xacml/cond Modified Files: HigherOrderFunction.java Log Message: merged in bag function fix from the 1.2 branch Index: HigherOrderFunction.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/HigherOrderFunction.java,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** HigherOrderFunction.java 15 Jul 2004 18:14:06 -0000 1.7 --- HigherOrderFunction.java 20 Dec 2004 21:21:07 -0000 1.8 *************** *** 284,287 **** --- 284,288 ---- // any evaluation is true return true, otherwise return false + result = new EvaluationResult(BooleanAttribute.getInstance(false)); Iterator it = ((BagAttribute)args[0]).iterator(); BagAttribute bag = (BagAttribute)(args[1]); *************** *** 335,338 **** --- 336,340 ---- // function, then return true, otherwise return false + result = new EvaluationResult(BooleanAttribute.getInstance(true)); Iterator it = ((BagAttribute)args[0]).iterator(); BagAttribute bag = (BagAttribute)(args[1]); |
|
From: Seth P. <se...@us...> - 2004-12-16 18:53:10
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv8007/com/sun/xacml/cond Modified Files: Tag: branch_1_2 HigherOrderFunction.java Log Message: fixed bug for any-of-any and all-of-all if the first parameter is an empty bag Index: HigherOrderFunction.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/HigherOrderFunction.java,v retrieving revision 1.7 retrieving revision 1.7.2.1 diff -C2 -d -r1.7 -r1.7.2.1 *** HigherOrderFunction.java 15 Jul 2004 18:14:06 -0000 1.7 --- HigherOrderFunction.java 16 Dec 2004 18:52:52 -0000 1.7.2.1 *************** *** 284,287 **** --- 284,288 ---- // any evaluation is true return true, otherwise return false + result = new EvaluationResult(BooleanAttribute.getInstance(false)); Iterator it = ((BagAttribute)args[0]).iterator(); BagAttribute bag = (BagAttribute)(args[1]); *************** *** 335,338 **** --- 336,340 ---- // function, then return true, otherwise return false + result = new EvaluationResult(BooleanAttribute.getInstance(true)); Iterator it = ((BagAttribute)args[0]).iterator(); BagAttribute bag = (BagAttribute)(args[1]); |
|
From: Seth P. <se...@us...> - 2004-07-15 18:14:15
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv22678/com/sun/xacml/cond Modified Files: HigherOrderFunction.java Log Message: fixed a bug in the any-of-all and all-of-any functions Index: HigherOrderFunction.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/HigherOrderFunction.java,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** HigherOrderFunction.java 24 May 2004 21:39:22 -0000 1.6 --- HigherOrderFunction.java 15 Jul 2004 18:14:06 -0000 1.7 *************** *** 259,263 **** // true, otherwise return false ! result = any(args[0], (BagAttribute)(args[1]), function, context); break; } --- 259,264 ---- // true, otherwise return false ! result = any(args[0], (BagAttribute)(args[1]), function, context, ! false); break; } *************** *** 283,288 **** // any evaluation is true return true, otherwise return false ! result = anyOfAny((BagAttribute)(args[0]), (BagAttribute)(args[1]), ! function, context); break; } --- 284,301 ---- // any evaluation is true return true, otherwise return false ! Iterator it = ((BagAttribute)args[0]).iterator(); ! BagAttribute bag = (BagAttribute)(args[1]); ! ! while (it.hasNext()) { ! AttributeValue value = (AttributeValue)(it.next()); ! result = any(value, bag, function, context, false); ! ! if (result.indeterminate()) ! return result; ! ! if (((BooleanAttribute)(result. ! getAttributeValue())).getValue()) ! break; ! } break; } *************** *** 292,298 **** // param: boolean-function, bag, bag of same type // return: boolean ! // iterate through the second bag, and for each of those values ! // if one of them matches every value in the first bag using the ! // given function, then return true, otherwise return false result = allOfAny((BagAttribute)(args[1]), (BagAttribute)(args[0]), --- 305,311 ---- // param: boolean-function, bag, bag of same type // return: boolean ! // iterate through the first bag, and if for each of those values ! // one of the values in the second bag matches then return true, ! // otherwise return false result = allOfAny((BagAttribute)(args[1]), (BagAttribute)(args[0]), *************** *** 305,311 **** // param: boolean-function, bag, bag of same type // return: boolean ! // iterate through the first bag, and for each of those values ! // if one of them matches every value in the second bag using ! // the given function, then return true, otherwise return false result = anyOfAll((BagAttribute)(args[0]), (BagAttribute)(args[1]), --- 318,324 ---- // param: boolean-function, bag, bag of same type // return: boolean ! // iterate through the second bag, and if for each of those values ! // one of the values in the first bag matches then return true, ! // otherwise return false result = anyOfAll((BagAttribute)(args[0]), (BagAttribute)(args[1]), *************** *** 335,342 **** if (! ((BooleanAttribute)(result. getAttributeValue())).getValue()) ! return result; } ! ! result = new EvaluationResult(BooleanAttribute.getTrueInstance()); } --- 348,354 ---- if (! ((BooleanAttribute)(result. getAttributeValue())).getValue()) ! break; } ! break; } *************** *** 411,423 **** /** ! * Perform the any operation...function must return a boolean */ private EvaluationResult any(AttributeValue value, BagAttribute bag, ! Function function, EvaluationCtx context) { ! return anyAndAllHelper(value, bag, function, context, false, false); } /** ! * Perform the all operation...function must return a boolean */ private EvaluationResult all(AttributeValue value, BagAttribute bag, --- 423,438 ---- /** ! * Private helper function that performs the any function, but lets you ! * swap the argument order (so it can be used by any-of-all) */ private EvaluationResult any(AttributeValue value, BagAttribute bag, ! Function function, EvaluationCtx context, ! boolean argumentsAreSwapped) { ! return anyAndAllHelper(value, bag, function, context, false, ! argumentsAreSwapped); } /** ! * Private helper function that performs the all function */ private EvaluationResult all(AttributeValue value, BagAttribute bag, *************** *** 427,431 **** /** ! * Generic code for any & all functions */ private EvaluationResult anyAndAllHelper(AttributeValue value, --- 442,446 ---- /** ! * Private helper for any & all functions */ private EvaluationResult anyAndAllHelper(AttributeValue value, *************** *** 433,438 **** Function function, EvaluationCtx context, ! boolean foo, boolean swap) { ! BooleanAttribute attr = BooleanAttribute.getInstance(foo); Iterator it = bag.iterator(); --- 448,454 ---- Function function, EvaluationCtx context, ! boolean allFunction, ! boolean argumentsAreSwapped) { ! BooleanAttribute attr = BooleanAttribute.getInstance(allFunction); Iterator it = bag.iterator(); *************** *** 440,444 **** List params = new ArrayList(); ! if (! swap) { params.add(value); params.add((AttributeValue)(it.next())); --- 456,460 ---- List params = new ArrayList(); ! if (! argumentsAreSwapped) { params.add(value); params.add((AttributeValue)(it.next())); *************** *** 455,459 **** BooleanAttribute bool = (BooleanAttribute)(result.getAttributeValue()); ! if (bool.getValue() != foo) { attr = bool; break; --- 471,475 ---- BooleanAttribute bool = (BooleanAttribute)(result.getAttributeValue()); ! if (bool.getValue() != allFunction) { attr = bool; break; *************** *** 465,477 **** /** - * any-of-any - */ - private EvaluationResult anyOfAny(BagAttribute bag1, BagAttribute bag2, - Function function, - EvaluationCtx context) { - return anyOfAnyOrAllHelper(bag1, bag2, function, context, true, false); - } - - /** * any-of-all */ --- 481,484 ---- *************** *** 479,484 **** Function function, EvaluationCtx context) { ! return anyOfAnyOrAllHelper(anyBag, allBag, function, context, false, ! false); } --- 486,490 ---- Function function, EvaluationCtx context) { ! return allAnyHelper(anyBag, allBag, function, context, true); } *************** *** 489,526 **** Function function, EvaluationCtx context) { ! return anyOfAnyOrAllHelper(anyBag, allBag, function, context, false, ! true); } /** ! * Generic code for the any-of-any and all-of-any/any-of-all routines */ ! private EvaluationResult anyOfAnyOrAllHelper(BagAttribute bag1, ! BagAttribute bag2, ! Function function, ! EvaluationCtx context, ! boolean any, boolean swap) { ! Iterator it = bag1.iterator(); ! while (it.hasNext()) { - EvaluationResult result; AttributeValue value = (AttributeValue)(it.next()); ! ! if (any) ! result = anyAndAllHelper(value, bag2, function, context, ! false, swap); ! else ! result = anyAndAllHelper(value, bag2, function, context, ! true, swap); if (result.indeterminate()) return result; ! if (((BooleanAttribute)(result. ! getAttributeValue())).getValue()) return result; } ! ! return new EvaluationResult(BooleanAttribute.getFalseInstance()); } --- 495,525 ---- Function function, EvaluationCtx context) { ! return allAnyHelper(anyBag, allBag, function, context, false); } /** ! * Private helper for the all-of-any and any-of-all functions */ ! private EvaluationResult allAnyHelper(BagAttribute anyBag, ! BagAttribute allBag, ! Function function, ! EvaluationCtx context, ! boolean argumentsAreSwapped) { ! Iterator it = allBag.iterator(); ! while (it.hasNext()) { AttributeValue value = (AttributeValue)(it.next()); ! EvaluationResult result = ! any(value, anyBag, function, context, argumentsAreSwapped); if (result.indeterminate()) return result; ! if (! ((BooleanAttribute)(result. ! getAttributeValue())).getValue()) return result; } ! ! return new EvaluationResult(BooleanAttribute.getTrueInstance()); } |
|
From: Seth P. <se...@us...> - 2004-07-14 20:39:31
|
Update of /cvsroot/sunxacml/tests In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv640 Added Files: license.txt Log Message: added a copy of the license file to the root --- NEW FILE: license.txt --- Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistribution of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistribution in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. Neither the name of Sun Microsystems, Inc. or the names of contributors may be used to endorse or promote products derived from this software without specific prior written permission. This software is provided "AS IS," without a warranty of any kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN") AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE, EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. You acknowledge that this software is not designed or intended for use in the design, construction, operation or maintenance of any nuclear facility. |
|
From: Seth P. <se...@us...> - 2004-07-14 20:37:58
|
Update of /cvsroot/sunxacml/sunxacml In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv414 Modified Files: license.txt Log Message: updated year on copyright Index: license.txt =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/license.txt,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -C2 -d -r1.1.1.1 -r1.2 *** license.txt 13 Feb 2003 22:19:10 -0000 1.1.1.1 --- license.txt 14 Jul 2004 20:37:48 -0000 1.2 *************** *** 1,4 **** ! Copyright 2003 Sun Microsystems, Inc. All Rights Reserved. Redistribution and use in source and binary forms, with or without --- 1,4 ---- ! Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. Redistribution and use in source and binary forms, with or without |
|
From: Seth P. <se...@us...> - 2004-07-13 22:40:18
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv1867/com/sun/xacml/combine Modified Files: StandardCombiningAlgFactory.java Log Message: udapted documentation Index: StandardCombiningAlgFactory.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine/StandardCombiningAlgFactory.java,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** StandardCombiningAlgFactory.java 4 Jun 2004 17:50:39 -0000 1.5 --- StandardCombiningAlgFactory.java 13 Jul 2004 22:39:58 -0000 1.6 *************** *** 57,62 **** * will be thrown. If you need a standard factory that is modifiable, you * should create a new <code>BaseCombiningAlgFactory</code> (or some other ! * <code>CombiningAlgFactory</code>) and then configure it with the standard ! * algorithms using <code>getStandardAlgorithms</code>. * * @since 1.2 --- 57,64 ---- * will be thrown. If you need a standard factory that is modifiable, you * should create a new <code>BaseCombiningAlgFactory</code> (or some other ! * <code>CombiningAlgFactory</code>) and configure it with the standard ! * algorithms using <code>getStandardAlgorithms</code> (or, in the case of ! * <code>BaseAttributeFactory</code>, by providing the datatypes in the ! * constructor). * * @since 1.2 |
|
From: Seth P. <se...@us...> - 2004-07-13 22:40:08
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/attr In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv1867/com/sun/xacml/attr Modified Files: StandardAttributeFactory.java Log Message: udapted documentation Index: StandardAttributeFactory.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/attr/StandardAttributeFactory.java,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** StandardAttributeFactory.java 4 Jun 2004 17:50:39 -0000 1.5 --- StandardAttributeFactory.java 13 Jul 2004 22:39:58 -0000 1.6 *************** *** 73,78 **** * will be thrown. If you need a standard factory that is modifiable, you * should create a new <code>BaseAttributeFactory</code> (or some other ! * <code>AttributeFactory</code>) and then configure it with the standard ! * datatypes using <code>addStandardDatatypes</code>. * * @since 1.2 --- 73,80 ---- * will be thrown. If you need a standard factory that is modifiable, you * should create a new <code>BaseAttributeFactory</code> (or some other ! * <code>AttributeFactory</code>) and configure it with the standard ! * datatypes using <code>addStandardDatatypes</code> (or, in the case of ! * <code>BaseAttributeFactory</code>, by providing the datatypes in the ! * constructor). * * @since 1.2 *************** *** 144,149 **** * the factory if it hasn't been requested before. This is the default * model used by the <code>AttributeFactory</code>, ensuring quick ! * access to this factory. If you need a new instance of this factory ! * you should use the <code>getNewFactory</code> method. * * @return the factory instance --- 146,150 ---- * the factory if it hasn't been requested before. This is the default * model used by the <code>AttributeFactory</code>, ensuring quick ! * access to this factory. * * @return the factory instance |
|
From: Seth P. <se...@us...> - 2004-07-13 22:39:44
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv1814/com/sun/xacml Modified Files: ConfigurationStore.java Log Message: updated documentation Index: ConfigurationStore.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/ConfigurationStore.java,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** ConfigurationStore.java 13 Jun 2004 23:22:11 -0000 1.8 --- ConfigurationStore.java 13 Jul 2004 22:39:34 -0000 1.9 *************** *** 105,109 **** * This way, the programmer still has full control over their security model, * but also has the convenience of re-using a common configuration ! * mechanism. See http://sunxacml.sourceforge.net/schema/config-0.2.xsd for * the valid schema. * <p> --- 105,109 ---- * This way, the programmer still has full control over their security model, * but also has the convenience of re-using a common configuration ! * mechanism. See http://sunxacml.sourceforge.net/schema/config-0.3.xsd for * the valid schema. * <p> |
|
From: Seth P. <se...@us...> - 2004-07-11 16:41:08
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv17965/com/sun/xacml/cond Modified Files: package.html Log Message: updated to reflect the current state of the function implementations Index: package.html =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/package.html,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -C2 -d -r1.1.1.1 -r1.2 *** package.html 13 Feb 2003 22:19:10 -0000 1.1.1.1 --- package.html 11 Jul 2004 16:40:56 -0000 1.2 *************** *** 4,10 **** standard functions, and a factory for getting functions and adding new ones to the system. There is also support for the Condition and Apply ! XML types. Note that many of the function classes are not public ! because they aren't needed directly by other code. In the future this ! may change, but right now only the functions that are useful to ! interact with directly are accessable. </body> --- 4,19 ---- standard functions, and a factory for getting functions and adding new ones to the system. There is also support for the Condition and Apply ! XML types. ! <p> ! Note that prior to the 1.2 release, most of the function ! implementations in this package were package private, mostly because ! there is no reason to interact with these classes directly. With the ! 1.2 release all classes were exposed, in part to make all the standard ! identifier strings easily available. If you need a function instance, ! however, you should still use the factory interface. You should not ! ever need to instantiate one of the standard function classes ! directly. Note also that in the next major release some of the ! function impementations may change their interfaces, which is another ! reason to interact with the standard functions only through the ! factory interface. </body> |
|
From: Seth P. <se...@us...> - 2004-06-13 23:22:24
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv26896/com/sun/xacml Modified Files: ConfigurationStore.java Log Message: fixed schema URL in javadoc header Index: ConfigurationStore.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/ConfigurationStore.java,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** ConfigurationStore.java 4 Jun 2004 17:50:39 -0000 1.7 --- ConfigurationStore.java 13 Jun 2004 23:22:11 -0000 1.8 *************** *** 105,109 **** * This way, the programmer still has full control over their security model, * but also has the convenience of re-using a common configuration ! * mechanism. See http://sunxacml.sourceforge.net/schama/config-0.2.xsd for * the valid schema. * <p> --- 105,109 ---- * This way, the programmer still has full control over their security model, * but also has the convenience of re-using a common configuration ! * mechanism. See http://sunxacml.sourceforge.net/schema/config-0.2.xsd for * the valid schema. * <p> |
|
From: Seth P. <se...@us...> - 2004-06-13 23:20:27
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv25709/com/sun/xacml/cond Modified Files: BagFunction.java BaseFunctionFactory.java Log Message: small javadoc tweak Index: BagFunction.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/BagFunction.java,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** BagFunction.java 18 Mar 2004 21:13:09 -0000 1.4 --- BagFunction.java 13 Jun 2004 23:20:18 -0000 1.5 *************** *** 223,227 **** * @param functionId an optional, internal numeric identifier * @param paramType the datatype this function accepts ! * @param paramIsBad whether the parameters are bags * @param numParams number of parameters allowed or -1 for any number * @param returnType the datatype this function returns --- 223,227 ---- * @param functionId an optional, internal numeric identifier * @param paramType the datatype this function accepts ! * @param paramIsBag whether the parameters are bags * @param numParams number of parameters allowed or -1 for any number * @param returnType the datatype this function returns Index: BaseFunctionFactory.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/BaseFunctionFactory.java,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** BaseFunctionFactory.java 24 May 2004 20:55:07 -0000 1.4 --- BaseFunctionFactory.java 13 Jun 2004 23:20:18 -0000 1.5 *************** *** 88,92 **** /** ! * Constructor that sets a "superset factory." This is useful since * the different function factories (Target, Condition, and General) * have a superset relationship (Condition functions are a superset --- 88,92 ---- /** ! * Constructor that sets a "superset factory". This is useful since * the different function factories (Target, Condition, and General) * have a superset relationship (Condition functions are a superset |
|
From: Seth P. <se...@us...> - 2004-06-13 23:20:26
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv25709/com/sun/xacml Modified Files: EvaluationCtx.java Log Message: small javadoc tweak Index: EvaluationCtx.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/EvaluationCtx.java,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** EvaluationCtx.java 12 May 2004 21:27:20 -0000 1.8 --- EvaluationCtx.java 13 Jun 2004 23:20:17 -0000 1.9 *************** *** 285,289 **** */ public EvaluationResult getAttribute(String contextPath, ! Node namespaceNode, URI datatype, String xpathVersion); --- 285,289 ---- */ public EvaluationResult getAttribute(String contextPath, ! Node namespaceNode, URI type, String xpathVersion); |
|
From: Seth P. <se...@us...> - 2004-06-13 23:20:26
|
Update of /cvsroot/sunxacml/sunxacml In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv25709 Modified Files: overview.html Log Message: small javadoc tweak Index: overview.html =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/overview.html,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** overview.html 25 Aug 2003 16:53:47 -0000 1.2 --- overview.html 13 Jun 2004 23:20:17 -0000 1.3 *************** *** 1,4 **** <body> ! This is an implementation of the OASIS XACML 1.1 standard. It supports the full specification including parsing policies, managing requests and responses, processing policies against requests, adding new attribute --- 1,4 ---- <body> ! This is an implementation of the OASIS XACML 1.0/1.1 standard. It supports the full specification including parsing policies, managing requests and responses, processing policies against requests, adding new attribute |
|
From: Seth P. <se...@us...> - 2004-06-09 20:12:30
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/finder/impl In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv25559/com/sun/xacml/finder/impl Modified Files: SelectorModule.java Log Message: added error handling for missing namespace map Index: SelectorModule.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/finder/impl/SelectorModule.java,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** SelectorModule.java 14 May 2004 18:42:03 -0000 1.8 --- SelectorModule.java 9 Jun 2004 20:12:21 -0000 1.9 *************** *** 181,188 **** // if the rootPath is still null, then we don't have any // definitions for the namespace ! if (rootPath == null) { ! // FIXME: should this be an error, or should we add ! // the namespace somehow? ! } } } --- 181,187 ---- // if the rootPath is still null, then we don't have any // definitions for the namespace ! if (rootPath == null) ! return createProcessingError("Failed to map a namespace" + ! " in an XPath expression"); } } |
|
From: Seth P. <se...@us...> - 2004-06-04 17:53:24
|
Update of /cvsroot/sunxacml/tests In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv7928 Modified Files: build.xml Added Files: log.props Log Message: setup to filter most of the new log messages Index: build.xml =================================================================== RCS file: /cvsroot/sunxacml/tests/build.xml,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -C2 -d -r1.1.1.1 -r1.2 *** build.xml 18 May 2004 21:20:50 -0000 1.1.1.1 --- build.xml 4 Jun 2004 17:53:11 -0000 1.2 *************** *** 47,51 **** <property name="sunxacml" location="../sunxacml/build/classes"/> ! <property name="confDir" location=""/> <!-- Builds the project into debug-enabled class files --> --- 47,51 ---- <property name="sunxacml" location="../sunxacml/build/classes"/> ! <property name="confDir" location="FILL THIS IN"/> <!-- Builds the project into debug-enabled class files --> *************** *** 61,64 **** --- 61,65 ---- <java classname="com.sun.xacml.test.TestDriver" classpath="${classDir}:${sunxacml}" fork="yes"> + <sysproperty key="java.util.logging.config.file" value="log.props"/> <sysproperty key="com.sun.xacml.PDPConfigFile" value="config.xml"/> <arg file="tests.xml"/> --- NEW FILE: log.props --- # Copyright 2004 Sun Microsystems, Inc. All Rights Reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are met: # # 1. Redistribution of source code must retain the above copyright notice, # this list of conditions and the following disclaimer. # # 2. Redistribution in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # Neither the name of Sun Microsystems, Inc. or the names of contributors may # be used to endorse or promote products derived from this software without # specific prior written permission. # # This software is provided "AS IS," without a warranty of any kind. ALL # EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING # ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE # OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN") # AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE # AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS # DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST # REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, # INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY # OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE, # EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. # # You acknowledge that this software is not designed or intended for use in # the design, construction, operation or maintenance of any nuclear facility. .level = WARNING handlers = java.util.logging.ConsoleHandler java.util.logging.ConsoleHandler.level = WARNING java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter |
|
From: Seth P. <se...@us...> - 2004-06-04 17:50:52
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/finder In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv7308/com/sun/xacml/finder Modified Files: AttributeFinder.java PolicyFinder.java ResourceFinder.java Log Message: Introduced some new, basic logging Index: ResourceFinder.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/finder/ResourceFinder.java,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** ResourceFinder.java 30 Apr 2004 17:56:43 -0000 1.4 --- ResourceFinder.java 4 Jun 2004 17:50:40 -0000 1.5 *************** *** 45,48 **** --- 45,51 ---- import java.util.List; + import java.util.logging.Level; + import java.util.logging.Logger; + /** *************** *** 87,90 **** --- 90,97 ---- private List descendantModules; + // the logger we'll use for all messages + private static final Logger logger = + Logger.getLogger(ResourceFinder.class.getName()); + /** * Default constructor. *************** *** 158,161 **** --- 165,172 ---- // no modules applied, so we return an empty result + if (logger.isLoggable(Level.INFO)) + logger.info("No ResourceFinderModule existed to handle the " + + "children of " + parentResourceId.encode()); + return new ResourceFinderResult(); } *************** *** 192,195 **** --- 203,210 ---- // no modules applied, so we return an empty result + if (logger.isLoggable(Level.INFO)) + logger.info("No ResourceFinderModule existed to handle the " + + "children of " + parentResourceId.encode()); + return new ResourceFinderResult(); } *************** *** 224,227 **** --- 239,246 ---- // no modules applied, so we return an empty result + if (logger.isLoggable(Level.INFO)) + logger.info("No ResourceFinderModule existed to handle the " + + "descendants of " + parentResourceId.encode()); + return new ResourceFinderResult(); } *************** *** 258,261 **** --- 277,284 ---- // no modules applied, so we return an empty result + if (logger.isLoggable(Level.INFO)) + logger.info("No ResourceFinderModule existed to handle the " + + "descendants of " + parentResourceId.encode()); + return new ResourceFinderResult(); } Index: AttributeFinder.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/finder/AttributeFinder.java,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** AttributeFinder.java 12 May 2004 21:26:23 -0000 1.4 --- AttributeFinder.java 4 Jun 2004 17:50:40 -0000 1.5 *************** *** 50,53 **** --- 50,56 ---- import java.util.Set; + import java.util.logging.Level; + import java.util.logging.Logger; + import org.w3c.dom.Node; *************** *** 83,86 **** --- 86,93 ---- private List selectorModules; + // the logger we'll use for all messages + private static final Logger logger = + Logger.getLogger(AttributeFinder.class.getName()); + /** * Default constructor. *************** *** 155,159 **** AttributeFinderModule module = (AttributeFinderModule)(it.next()); ! // see if the module support this type Set types = module.getSupportedDesignatorTypes(); if ((types == null) || (types. --- 162,166 ---- AttributeFinderModule module = (AttributeFinderModule)(it.next()); ! // see if the module supports this type Set types = module.getSupportedDesignatorTypes(); if ((types == null) || (types. *************** *** 166,171 **** // if there was an error, we stop right away ! if (result.indeterminate()) return result; // if the result wasn't empty, then return the result --- 173,182 ---- // if there was an error, we stop right away ! if (result.indeterminate()) { ! if (logger.isLoggable(Level.INFO)) ! logger.info("Error while trying to resolve values: " + ! result.getStatus().getMessage()); return result; + } // if the result wasn't empty, then return the result *************** *** 178,181 **** --- 189,196 ---- // if we got here then there were no errors but there were also no // matches, so we have to return an empty bag + if (logger.isLoggable(Level.INFO)) + logger.info("Failed to resolve any values for " + + attributeId.toString()); + return new EvaluationResult(BagAttribute. createEmptyBag(attributeType)); *************** *** 216,221 **** // if there was an error, we stop right away ! if (result.indeterminate()) return result; // if the result wasn't empty, then return the result --- 231,240 ---- // if there was an error, we stop right away ! if (result.indeterminate()) { ! if (logger.isLoggable(Level.INFO)) ! logger.info("Error while trying to resolve values: " + ! result.getStatus().getMessage()); return result; + } // if the result wasn't empty, then return the result *************** *** 227,230 **** --- 246,252 ---- // if we got here then there were no errors but there were also no // matches, so we have to return an empty bag + if (logger.isLoggable(Level.INFO)) + logger.info("Failed to resolve any values for " + contextPath); + return new EvaluationResult(BagAttribute. createEmptyBag(attributeType)); Index: PolicyFinder.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/finder/PolicyFinder.java,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** PolicyFinder.java 14 May 2004 18:46:23 -0000 1.3 --- PolicyFinder.java 4 Jun 2004 17:50:40 -0000 1.4 *************** *** 49,52 **** --- 49,55 ---- import java.util.Set; + import java.util.logging.Level; + import java.util.logging.Logger; + /** *************** *** 88,91 **** --- 91,98 ---- private Set referenceModules; + // the logger we'll use for all messages + private static final Logger logger = + Logger.getLogger(PolicyFinder.class.getName()); + /** * Returns the unordered <code>Set</code> of modules used by this class *************** *** 126,129 **** --- 133,138 ---- */ public void init() { + logger.finer("Initializing PolicyFinder"); + Iterator it = allModules.iterator(); *************** *** 154,159 **** // if there was an error, we stop right away ! if (newResult.indeterminate()) return newResult; // if we found a policy... --- 163,174 ---- // if there was an error, we stop right away ! if (newResult.indeterminate()) { ! if (logger.isLoggable(Level.INFO)) ! logger.info("An error occured while trying to find a " + ! "single applicable policy for a request: " + ! newResult.getStatus().getMessage()); ! return newResult; + } // if we found a policy... *************** *** 161,164 **** --- 176,182 ---- // ...if we already had found a policy, this is an error... if (result != null) { + logger.info("More than one top-level applicable policy " + + "for the request"); + ArrayList code = new ArrayList(); code.add(Status.STATUS_PROCESSING_ERROR); *************** *** 175,182 **** // if we got here then we didn't have any errors, so the only // question is whether or not we found anything ! if (result != null) return result; ! else return new PolicyFinderResult(); } --- 193,203 ---- // if we got here then we didn't have any errors, so the only // question is whether or not we found anything ! if (result != null) { return result; ! } else { ! logger.info("No applicable policies were found for the request"); ! return new PolicyFinderResult(); + } } *************** *** 212,217 **** // if there was an error, we stop right away ! if (newResult.indeterminate()) return newResult; // if we found a policy... --- 233,244 ---- // if there was an error, we stop right away ! if (newResult.indeterminate()) { ! if (logger.isLoggable(Level.INFO)) ! logger.info("An error occured while trying to find the " + ! "referenced policy " + idReference.toString() + ! ": " + newResult.getStatus().getMessage()); ! return newResult; + } // if we found a policy... *************** *** 219,222 **** --- 246,252 ---- // ...if we already had found a policy, this is an error... if (result != null) { + if (logger.isLoggable(Level.INFO)) + logger.info("More than one policy applies for the " + + "reference: " + idReference.toString()); ArrayList code = new ArrayList(); code.add(Status.STATUS_PROCESSING_ERROR); *************** *** 233,240 **** // if we got here then we didn't have any errors, so the only // question is whether or not we found anything ! if (result != null) return result; ! else return new PolicyFinderResult(); } --- 263,275 ---- // if we got here then we didn't have any errors, so the only // question is whether or not we found anything ! if (result != null) { return result; ! } else { ! if (logger.isLoggable(Level.INFO)) ! logger.info("No policies were resolved for the reference: " + ! idReference.toString()); ! return new PolicyFinderResult(); + } } |
|
From: Seth P. <se...@us...> - 2004-06-04 17:50:52
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/finder/impl In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv7308/com/sun/xacml/finder/impl Modified Files: FilePolicyModule.java Log Message: Introduced some new, basic logging Index: FilePolicyModule.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/finder/impl/FilePolicyModule.java,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** FilePolicyModule.java 12 May 2004 21:23:44 -0000 1.5 --- FilePolicyModule.java 4 Jun 2004 17:50:40 -0000 1.6 *************** *** 58,61 **** --- 58,64 ---- import java.util.Set; + import java.util.logging.Level; + import java.util.logging.Logger; + import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; *************** *** 120,123 **** --- 123,130 ---- private Set policies; + // the logger we'll use for all messages + private static final Logger logger = + Logger.getLogger(FilePolicyModule.class.getName()); + /** * Constructor which retrieves the schema file to validate policies against *************** *** 285,294 **** } else { // this isn't a root type that we know how to handle ! System.err.println("unknown root document type: " + name); } } catch (Exception e) { ! System.err.println("error reading policy: " + filename); ! System.err.println("error message: " + e.getMessage()); } --- 292,302 ---- } else { // this isn't a root type that we know how to handle ! throw new Exception("Unknown root document type: " + name); } } catch (Exception e) { ! if (logger.isLoggable(Level.WARNING)) ! logger.log(Level.WARNING, "Error reading policy from file " + ! filename, e); } *************** *** 353,357 **** */ public void warning(SAXParseException exception) throws SAXException { ! System.out.println("Warning on line " + exception.getLineNumber() + ": " + exception.getMessage()); } --- 361,366 ---- */ public void warning(SAXParseException exception) throws SAXException { ! if (logger.isLoggable(Level.WARNING)) ! logger.warning("Warning on line " + exception.getLineNumber() + ": " + exception.getMessage()); } *************** *** 365,372 **** */ public void error(SAXParseException exception) throws SAXException { ! System.out.println("Error on line " + exception.getLineNumber() + ": " + exception.getMessage() + " ... " + ! "Policy will not be availabe"); ! throw new SAXException("error parsing policy"); } --- 374,382 ---- */ public void error(SAXParseException exception) throws SAXException { ! if (logger.isLoggable(Level.WARNING)) ! logger.warning("Error on line " + exception.getLineNumber() + ": " + exception.getMessage() + " ... " + ! "Policy will not be available"); ! throw new SAXException("error parsing policy"); } *************** *** 380,386 **** */ public void fatalError(SAXParseException exception) throws SAXException { ! System.out.println("FatalError on line " + exception.getLineNumber() + ": " + exception.getMessage() + " ... " + ! "Policy will not be availabe"); throw new SAXException("fatal error parsing policy"); --- 390,397 ---- */ public void fatalError(SAXParseException exception) throws SAXException { ! if (logger.isLoggable(Level.WARNING)) ! logger.warning("Fatal error on line " + exception.getLineNumber() + ": " + exception.getMessage() + " ... " + ! "Policy will not be available"); throw new SAXException("fatal error parsing policy"); |
|
From: Seth P. <se...@us...> - 2004-06-04 17:50:49
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv7308/com/sun/xacml/cond Modified Files: StandardFunctionFactory.java Log Message: Introduced some new, basic logging Index: StandardFunctionFactory.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/StandardFunctionFactory.java,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** StandardFunctionFactory.java 24 May 2004 20:55:08 -0000 1.5 --- StandardFunctionFactory.java 4 Jun 2004 17:50:40 -0000 1.6 *************** *** 70,73 **** --- 70,75 ---- import java.util.Set; + import java.util.logging.Logger; + /** *************** *** 111,114 **** --- 113,120 ---- private Map supportedAbstractFunctions = null; + // the logger we'll use for all messages + private static final Logger logger = + Logger.getLogger(StandardFunctionFactory.class.getName()); + /** * Creates a new StandardFunctionFactory, making sure that the default *************** *** 130,133 **** --- 136,141 ---- */ private static void initTargetFunctions() { + logger.config("Initializing standard Target functions"); + targetFunctions = new HashSet(); *************** *** 159,162 **** --- 167,172 ---- */ private static void initConditionFunctions() { + logger.config("Initializing standard Condition functions"); + if (targetFunctions == null) initTargetFunctions(); *************** *** 182,185 **** --- 192,197 ---- */ private static void initGeneralFunctions() { + logger.config("Initializing standard General functions"); + if (conditionFunctions == null) initConditionFunctions(); |
|
From: Seth P. <se...@us...> - 2004-06-04 17:50:49
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv7308/com/sun/xacml Modified Files: AbstractPolicy.java BasicEvaluationCtx.java ConfigurationStore.java PDP.java PolicyReference.java Target.java Log Message: Introduced some new, basic logging Index: BasicEvaluationCtx.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/BasicEvaluationCtx.java,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** BasicEvaluationCtx.java 12 May 2004 21:27:20 -0000 1.2 --- BasicEvaluationCtx.java 4 Jun 2004 17:50:39 -0000 1.3 *************** *** 65,68 **** --- 65,71 ---- import java.util.Set; + import java.util.logging.Level; + import java.util.logging.Logger; + import org.w3c.dom.Node; *************** *** 101,104 **** --- 104,111 ---- private boolean useCachedEnvValues; + // the logger we'll use for all messages + private static final Logger logger = + Logger.getLogger(BasicEvaluationCtx.class.getName()); + /** * Constructs a new <code>BasicEvaluationCtx</code> based on the given *************** *** 604,607 **** --- 611,618 ---- // we failed to find any that matched the type/issuer, or all the // Attribute types were empty...so ask the finder + if (logger.isLoggable(Level.FINE)) + logger.fine("Attribute not in request: " + id.toString() + + " ... querying AttributeFinder"); + return callHelper(type, id, issuer, category, designatorType); } *************** *** 617,625 **** private EvaluationResult callHelper(URI type, URI id, URI issuer, URI category, int adType) { ! if (finder != null) return finder.findAttribute(type, id, issuer, category, this, adType); ! else return new EvaluationResult(BagAttribute.createEmptyBag(type)); } --- 628,640 ---- private EvaluationResult callHelper(URI type, URI id, URI issuer, URI category, int adType) { ! if (finder != null) { return finder.findAttribute(type, id, issuer, category, this, adType); ! } else { ! logger.warning("Context tried to invoke AttributeFinder but was " + ! "not configured with one"); ! return new EvaluationResult(BagAttribute.createEmptyBag(type)); + } } *************** *** 641,646 **** Node namespaceNode, URI type, String xpathVersion) { ! return finder.findAttribute(contextPath, namespaceNode, type, this, ! xpathVersion); } --- 656,668 ---- Node namespaceNode, URI type, String xpathVersion) { ! if (finder != null) { ! return finder.findAttribute(contextPath, namespaceNode, type, this, ! xpathVersion); ! } else { ! logger.warning("Context tried to invoke AttributeFinder but was " + ! "not configured with one"); ! ! return new EvaluationResult(BagAttribute.createEmptyBag(type)); ! } } Index: AbstractPolicy.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/AbstractPolicy.java,v retrieving revision 1.10 retrieving revision 1.11 diff -C2 -d -r1.10 -r1.11 *** AbstractPolicy.java 14 May 2004 18:46:21 -0000 1.10 --- AbstractPolicy.java 4 Jun 2004 17:50:39 -0000 1.11 *************** *** 56,59 **** --- 56,62 ---- import java.util.Set; + import java.util.logging.Level; + import java.util.logging.Logger; + import org.w3c.dom.NamedNodeMap; import org.w3c.dom.Node; *************** *** 94,97 **** --- 97,104 ---- private Set obligations; + // the logger we'll use for all messages + private static final Logger logger = + Logger.getLogger(AbstractPolicy.class.getName()); + /** * Constructor used by <code>PolicyReference</code>, which supplies Index: PDP.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/PDP.java,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** PDP.java 3 May 2004 18:34:36 -0000 1.7 --- PDP.java 4 Jun 2004 17:50:39 -0000 1.8 *************** *** 60,63 **** --- 60,66 ---- import java.util.Map; + import java.util.logging.Level; + import java.util.logging.Logger; + /** *************** *** 81,84 **** --- 84,90 ---- private ResourceFinder resourceFinder; + // the logger we'll use for all messages + private static final Logger logger = Logger.getLogger(PDP.class.getName()); + /** * Constructs a new <code>PDP</code> object with the given configuration *************** *** 89,92 **** --- 95,100 ---- */ public PDP(PDPConfig config) { + logger.fine("creating a PDP"); + attributeFinder = config.getAttributeFinder(); *************** *** 117,120 **** --- 125,130 ---- return evaluate(new BasicEvaluationCtx(request, attributeFinder)); } catch (ParsingException pe) { + logger.log(Level.INFO, "the PDP receieved an invalid request", pe); + // there was something wrong with the request, so we return // Indeterminate with a status of syntax error...though this *************** *** 222,238 **** // see if there weren't any applicable policies ! if (finderResult.notApplicable()) { ! System.err.println("couldn't find an applicable policy"); return new Result(Result.DECISION_NOT_APPLICABLE, context.getResourceId().encode()); - } // see if there were any errors in trying to get a policy ! if (finderResult.indeterminate()) { ! System.err.println("error in trying to find top-level policy"); return new Result(Result.DECISION_INDETERMINATE, finderResult.getStatus(), context.getResourceId().encode()); - } // we found a valid policy, so we can do the evaluation --- 232,244 ---- // see if there weren't any applicable policies ! if (finderResult.notApplicable()) return new Result(Result.DECISION_NOT_APPLICABLE, context.getResourceId().encode()); // see if there were any errors in trying to get a policy ! if (finderResult.indeterminate()) return new Result(Result.DECISION_INDETERMINATE, finderResult.getStatus(), context.getResourceId().encode()); // we found a valid policy, so we can do the evaluation Index: Target.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/Target.java,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** Target.java 14 May 2004 18:46:22 -0000 1.7 --- Target.java 4 Jun 2004 17:50:39 -0000 1.8 *************** *** 47,50 **** --- 47,53 ---- import java.util.List; + import java.util.logging.Level; + import java.util.logging.Logger; + import org.w3c.dom.Node; import org.w3c.dom.NodeList; *************** *** 68,71 **** --- 71,78 ---- private List actions; + // the logger we'll use for all messages + private static final Logger logger = + Logger.getLogger(Target.class.getName()); + /** * Constructor that creates a <code>Target</code> from components. *************** *** 251,256 **** if (subjects != null) { MatchResult result = checkSet(subjects, context); ! if (result.getResult() != MatchResult.MATCH) ! return result; } --- 258,265 ---- if (subjects != null) { MatchResult result = checkSet(subjects, context); ! if (result.getResult() != MatchResult.MATCH) { ! logger.finer("failed to match Subjects section of Target"); ! return result; ! } } *************** *** 258,263 **** if (resources != null) { MatchResult result = checkSet(resources, context); ! if (result.getResult() != MatchResult.MATCH) return result; } --- 267,274 ---- if (resources != null) { MatchResult result = checkSet(resources, context); ! if (result.getResult() != MatchResult.MATCH) { ! logger.finer("failed to match Resources section of Target"); return result; + } } *************** *** 265,270 **** if (actions != null) { MatchResult result = checkSet(actions, context); ! if (result.getResult() != MatchResult.MATCH) return result; } --- 276,283 ---- if (actions != null) { MatchResult result = checkSet(actions, context); ! if (result.getResult() != MatchResult.MATCH) { ! logger.finer("failed to match Actions section of Target"); return result; + } } Index: ConfigurationStore.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/ConfigurationStore.java,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** ConfigurationStore.java 27 May 2004 19:39:35 -0000 1.6 --- ConfigurationStore.java 4 Jun 2004 17:50:39 -0000 1.7 *************** *** 81,84 **** --- 81,87 ---- import java.util.Set; + import java.util.logging.Level; + import java.util.logging.Logger; + import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; *************** *** 142,145 **** --- 145,152 ---- private HashMap functionMap; + // the logger we'll use for all messages + private static final Logger logger = + Logger.getLogger(ConfigurationStore.class.getName()); + /** * Default constructor. This constructor uses the *************** *** 157,160 **** --- 164,170 ---- // make sure that the right property was set if (configFile == null) { + logger.severe("A property defining a config file was expected, " + + "but none was provided"); + throw new ParsingException("Config property " + PDP_CONFIG_PROPERTY + *************** *** 162,166 **** } ! setupConfig(new File(configFile)); } --- 172,182 ---- } ! try { ! setupConfig(new File(configFile)); ! } catch (ParsingException pe) { ! logger.log(Level.SEVERE, "Runtime config file couldn't be loaded" + ! " so no configurations will be available", pe); ! throw pe; ! } } *************** *** 178,182 **** */ public ConfigurationStore(File configFile) throws ParsingException { ! setupConfig(configFile); } --- 194,204 ---- */ public ConfigurationStore(File configFile) throws ParsingException { ! try { ! setupConfig(configFile); ! } catch (ParsingException pe) { ! logger.log(Level.SEVERE, "Runtime config file couldn't be loaded" + ! " so no configurations will be available", pe); ! throw pe; ! } } *************** *** 187,196 **** */ private void setupConfig(File configFile) throws ParsingException { ! Node root = null; ! ! System.out.println("Loading PDP configuration..."); // get the root node from the configuration file ! root = getRootNode(configFile); // initialize all the maps --- 209,216 ---- */ private void setupConfig(File configFile) throws ParsingException { ! logger.config("Loading runtime configuration"); // get the root node from the configuration file ! Node root = getRootNode(configFile); // initialize all the maps *************** *** 227,239 **** // that we're never loading something with the same name twice if (childName.equals("pdp")) { ! System.out.println(" Loading PDP \"" + elementName + "\"..."); if (pdpConfigMap.containsKey(elementName)) throw new ParsingException("more that one pdp with " + "name \"" + elementName +"\""); pdpConfigMap.put(elementName, parsePDPConfig(child)); - System.out.println(" done"); } else if (childName.equals("attributeFactory")) { ! System.out.println(" Loading AttributeFactory \"" + ! elementName + "\"..."); if (attributeMap.containsKey(elementName)) throw new ParsingException("more that one " + --- 247,259 ---- // that we're never loading something with the same name twice if (childName.equals("pdp")) { ! if (logger.isLoggable(Level.CONFIG)) ! logger.config("Loading PDP: " + elementName); if (pdpConfigMap.containsKey(elementName)) throw new ParsingException("more that one pdp with " + "name \"" + elementName +"\""); pdpConfigMap.put(elementName, parsePDPConfig(child)); } else if (childName.equals("attributeFactory")) { ! if (logger.isLoggable(Level.CONFIG)) ! logger.config("Loading AttributeFactory: " + elementName); if (attributeMap.containsKey(elementName)) throw new ParsingException("more that one " + *************** *** 241,248 **** elementName +"\""); attributeMap.put(elementName, parseAttributeFactory(child)); - System.out.println(" done"); } else if (childName.equals("combiningAlgFactory")) { ! System.out.println(" Loading CombiningAlgFactory \"" + ! elementName + "\"..."); if (combiningMap.containsKey(elementName)) throw new ParsingException("more that one " + --- 261,268 ---- elementName +"\""); attributeMap.put(elementName, parseAttributeFactory(child)); } else if (childName.equals("combiningAlgFactory")) { ! if (logger.isLoggable(Level.CONFIG)) ! logger.config("Loading CombiningAlgFactory: " + ! elementName); if (combiningMap.containsKey(elementName)) throw new ParsingException("more that one " + *************** *** 250,257 **** "name \"" + elementName +"\""); combiningMap.put(elementName, parseCombiningAlgFactory(child)); - System.out.println(" done"); } else if (childName.equals("functionFactory")) { ! System.out.println(" Loading FunctionFactory \"" + ! elementName + "\"..."); if (functionMap.containsKey(elementName)) throw new ParsingException("more that one functionFactory" --- 270,276 ---- "name \"" + elementName +"\""); combiningMap.put(elementName, parseCombiningAlgFactory(child)); } else if (childName.equals("functionFactory")) { ! if (logger.isLoggable(Level.CONFIG)) ! logger.config("Loading FunctionFactory: " + elementName); if (functionMap.containsKey(elementName)) throw new ParsingException("more that one functionFactory" *************** *** 259,263 **** elementName +"\""); functionMap.put(elementName, parseFunctionFactory(child)); - System.out.println(" done"); } } --- 278,281 ---- *************** *** 359,362 **** --- 377,382 ---- // check if we're starting with the standard factory setup if (useStandard(root, "useStandardDatatypes")) { + logger.config("Starting with standard Datatypes"); + StandardAttributeFactory sf = StandardAttributeFactory.getFactory(); *************** *** 401,404 **** --- 421,426 ---- // check if we're starting with the standard factory setup if (useStandard(root, "useStandardAlgorithms")) { + logger.config("Starting with standard Combining Algorithms"); + StandardCombiningAlgFactory sf = StandardCombiningAlgFactory.getFactory(); *************** *** 448,451 **** --- 470,475 ---- // make sure that the proxy is pre-configured if (useStandard(root, "useStandardFunctions")) { + logger.config("Starting with standard Functions"); + proxy = StandardFunctionFactory.getNewFactoryProxy(); *************** *** 471,481 **** if (name.equals("target")) { ! System.out.println(" [TARGET Functions]"); functionParserHelper(child, targetFactory); } else if (name.equals("condition")) { ! System.out.println(" [CONDITION Functions]"); functionParserHelper(child, conditionFactory); } else if (name.equals("general")) { ! System.out.println(" [GENERAL Functions]"); functionParserHelper(child, generalFactory); } --- 495,505 ---- if (name.equals("target")) { ! logger.config("Loading [TARGET] functions"); functionParserHelper(child, targetFactory); } else if (name.equals("condition")) { ! logger.config("Loading [CONDITION] functions"); functionParserHelper(child, conditionFactory); } else if (name.equals("general")) { ! logger.config("Loading [GENERAL] functions"); functionParserHelper(child, generalFactory); } *************** *** 557,561 **** root.getAttributes().getNamedItem("class").getNodeValue(); ! System.out.print(" [ " + prefix + ": " + className + " "); // use the system classloader to load the given class --- 581,586 ---- root.getAttributes().getNamedItem("class").getNodeValue(); ! if (logger.isLoggable(Level.CONFIG)) ! logger.config("Loading [ " + prefix + ": " + className + " ]"); // use the system classloader to load the given class *************** *** 648,653 **** } - System.out.println("]"); - return instance; } --- 673,676 ---- *************** *** 887,890 **** --- 910,915 ---- */ public void useDefaultFactories() { + logger.fine("Switching to default factories from configuration"); + // set the default attribute factory, if it exists here if (defaultAttributeFactory != null) { Index: PolicyReference.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/PolicyReference.java,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** PolicyReference.java 23 Mar 2004 23:38:51 -0000 1.6 --- PolicyReference.java 4 Jun 2004 17:50:39 -0000 1.7 *************** *** 54,57 **** --- 54,60 ---- import java.util.Set; + import java.util.logging.Level; + import java.util.logging.Logger; + import org.w3c.dom.NamedNodeMap; import org.w3c.dom.Node; *************** *** 98,101 **** --- 101,108 ---- private PolicyFinder finder; + // the logger we'll use for all messages + private static final Logger logger = + Logger.getLogger(PolicyReference.class.getName()); + /** * Creates a new <code>PolicyReference</code>. *************** *** 271,278 **** */ private AbstractPolicy resolvePolicy() { ! if (finder == null) ! throw new ProcessingException("couldn't find the policy with" + "a null finder"); PolicyFinderResult pfr = finder.findPolicy(reference, policyType); --- 278,291 ---- */ private AbstractPolicy resolvePolicy() { + // see if this reference was setup with a finder + if (finder == null) { + if (logger.isLoggable(Level.WARNING)) + logger.warning("PolicyReference with id " + + reference.toString() + " was queried but was " + + "not configured with a PolicyFinder"); ! throw new ProcessingException("couldn't find the policy with " + "a null finder"); + } PolicyFinderResult pfr = finder.findPolicy(reference, policyType); *************** *** 298,302 **** */ public Result evaluate(EvaluationCtx context) { - // if there is no finder, then we return NotApplicable if (finder == null) --- 311,314 ---- |
|
From: Seth P. <se...@us...> - 2004-06-04 17:50:49
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/ctx In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv7308/com/sun/xacml/ctx Modified Files: InputParser.java Log Message: Introduced some new, basic logging Index: InputParser.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/ctx/InputParser.java,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** InputParser.java 12 May 2004 21:23:44 -0000 1.3 --- InputParser.java 4 Jun 2004 17:50:40 -0000 1.4 *************** *** 42,45 **** --- 42,48 ---- import java.io.InputStream; + import java.util.logging.Level; + import java.util.logging.Logger; + import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; *************** *** 74,77 **** --- 77,84 ---- "com.sun.xacml.ContextSchema"; + // the logger we'll use for all messages + private static final Logger logger = + Logger.getLogger(InputParser.class.getName()); + // standard strings for setting validation *************** *** 165,169 **** */ public void warning(SAXParseException exception) throws SAXException { ! System.out.println("Warning on line " + exception.getLineNumber() + ": " + exception.getMessage()); } --- 172,177 ---- */ public void warning(SAXParseException exception) throws SAXException { ! if (logger.isLoggable(Level.WARNING)) ! logger.warning("Warning on line " + exception.getLineNumber() + ": " + exception.getMessage()); } *************** *** 177,181 **** */ public void error(SAXParseException exception) throws SAXException { ! System.out.println("Error on line " + exception.getLineNumber() + ": " + exception.getMessage()); --- 185,190 ---- */ public void error(SAXParseException exception) throws SAXException { ! if (logger.isLoggable(Level.WARNING)) ! logger.warning("Error on line " + exception.getLineNumber() + ": " + exception.getMessage()); *************** *** 191,195 **** */ public void fatalError(SAXParseException exception) throws SAXException { ! System.out.println("FatalError on line " + exception.getLineNumber() + ": " + exception.getMessage()); --- 200,205 ---- */ public void fatalError(SAXParseException exception) throws SAXException { ! if (logger.isLoggable(Level.WARNING)) ! logger.warning("FatalError on line " + exception.getLineNumber() + ": " + exception.getMessage()); |
