sunxacml-commit Mailing List for Sun's XACML Implementation (Page 9)
Brought to you by:
farrukh_najmi,
sethp
Menu
▾
▴
sunxacml-commit — Notifications of cvs commits appear on this list
You can subscribe to this list here.
| 2003 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(3) |
Jun
(3) |
Jul
(6) |
Aug
(37) |
Sep
(5) |
Oct
(6) |
Nov
(1) |
Dec
(3) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2004 |
Jan
(3) |
Feb
(11) |
Mar
(26) |
Apr
(5) |
May
(27) |
Jun
(13) |
Jul
(7) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(2) |
| 2005 |
Jan
(12) |
Feb
(5) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(8) |
| 2006 |
Jan
(10) |
Feb
(6) |
Mar
|
Apr
(3) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(2) |
Dec
|
| 2008 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(2) |
Nov
|
Dec
(1) |
| 2009 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(6) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <se...@us...> - 2003-08-11 21:00:14
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond
In directory sc8-pr-cvs1:/tmp/cvs-serv21844/com/sun/xacml/cond
Modified Files:
Apply.java
Log Message:
TimeAttribute fix for DST and new Time & current env features plus some small
fixes and cleanups
Index: Apply.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/Apply.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -d -r1.2 -r1.3
*** Apply.java 29 Jul 2003 22:01:47 -0000 1.2
--- Apply.java 11 Aug 2003 20:48:45 -0000 1.3
***************
*** 175,179 ****
evals.add(AttributeFactory.createAttribute(node));
} catch (UnknownIdentifierException uie) {
! throw new ParsingException("Unknown AttributeId", uie);
}
} else if (name.equals("SubjectAttributeDesignator")) {
--- 175,179 ----
evals.add(AttributeFactory.createAttribute(node));
} catch (UnknownIdentifierException uie) {
! throw new ParsingException("Unknown DataType", uie);
}
} else if (name.equals("SubjectAttributeDesignator")) {
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond
In directory sc8-pr-cvs1:/tmp/cvs-serv22177/com/sun/xacml/cond
Modified Files:
Apply.java Function.java FunctionBase.java
HigherOrderFunction.java MapFunction.java
Log Message:
Added accessor methods for Target-related and Function-related classes
Index: Apply.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/Apply.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** Apply.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- Apply.java 29 Jul 2003 22:01:47 -0000 1.2
***************
*** 49,52 ****
--- 49,53 ----
import java.util.ArrayList;
+ import java.util.Collections;
import java.util.Iterator;
import java.util.List;
***************
*** 80,85 ****
* @param function the <code>Function</code> to use in evaluating the
* elements in the apply
! * @param evals the contents of the apply, which will be the parameters
! * to the function
*/
public Apply(Function function, List evals)
--- 81,87 ----
* @param function the <code>Function</code> to use in evaluating the
* elements in the apply
! * @param evals the contents of the apply which will be the parameters
! * to the function, each of which is an
! * <code>Evaluatable</code>
*/
public Apply(Function function, List evals)
***************
*** 96,101 ****
* @param function the <code>Function</code> to use in evaluating the
* elements in the apply
! * @param evals the contents of the apply, which will be the parameters
! * to the function
* @param bagFunction the higher-order function to use
*/
--- 98,104 ----
* @param function the <code>Function</code> to use in evaluating the
* elements in the apply
! * @param evals the contents of the apply which will be the parameters
! * to the function, each of which is an
! * <code>Evaluatable</code>
* @param bagFunction the higher-order function to use
*/
***************
*** 114,118 ****
// if everything checks out, then store the inputs
this.function = function;
! this.evals = evals;
this.bagFunction = bagFunction;
}
--- 117,121 ----
// if everything checks out, then store the inputs
this.function = function;
! this.evals = Collections.unmodifiableList(evals);
this.bagFunction = bagFunction;
}
***************
*** 232,235 ****
--- 235,268 ----
}
}
+ }
+
+ /**
+ * Returns the <code>Function</code> used by this <code>Apply</code>.
+ *
+ * @return the <code>Function</code>
+ */
+ public Function getFunction() {
+ return function;
+ }
+
+ /**
+ * Returns the <code>List</code> of children for this <code>Apply</code>.
+ * The <code>List</code> contains <code>Evaluatable</code>s. The list is
+ * unmodifiable.
+ *
+ * @return a <code>List</code> of <code>Evaluatable</code>s
+ */
+ public List getChildren() {
+ return evals;
+ }
+
+ /**
+ * Returns the higher order bag function used by this <code>Apply</code>
+ * if it exists, or null if no higher order function is used.
+ *
+ * @return the higher order <code>Function</code> or null
+ */
+ public Function getHigherOrderFunction() {
+ return bagFunction;
}
Index: Function.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/Function.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** Function.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- Function.java 29 Jul 2003 22:01:47 -0000 1.2
***************
*** 92,95 ****
--- 92,103 ----
/**
+ * Returns the identifier of this function as known by the factories.
+ * In the case of the standard XACML functions, this will be one of the
+ * URIs defined in the standard namespace. This function must always
+ * return the complete namespace and identifier of this function.
+ */
+ public URI getIdentifier();
+
+ /**
* Provides the type of <code>AttributeValue</code> that this function
* returns from <code>evaluate</code> in a successful evaluation.
Index: FunctionBase.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/FunctionBase.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** FunctionBase.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- FunctionBase.java 29 Jul 2003 22:01:47 -0000 1.2
***************
*** 44,47 ****
--- 44,48 ----
import java.net.URI;
+ import java.net.URISyntaxException;
import java.util.ArrayList;
***************
*** 221,224 ****
--- 222,243 ----
/**
+ * Returns the full identifier of this function, as known by the factories.
+ *
+ * @return the function's identifier
+ *
+ * @throws IllegalArgumentException if the identifier isn't a valid URI
+ */
+ public URI getIdentifier() {
+ // this is to get around the exception handling problems, but may
+ // change if this code changes to include exceptions from the
+ // constructors
+ try {
+ return new URI(functionName);
+ } catch (URISyntaxException use) {
+ throw new IllegalArgumentException("invalid URI");
+ }
+ }
+
+ /**
* Returns the name of the function to be handled by this particular
* object.
***************
*** 244,248 ****
*
* @return a <code>URI</code> indicating the attribute type
! * returned by this function ("boolean", in this case)
*/
public URI getReturnType() {
--- 263,267 ----
*
* @return a <code>URI</code> indicating the attribute type
! * returned by this function
*/
public URI getReturnType() {
Index: HigherOrderFunction.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/HigherOrderFunction.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** HigherOrderFunction.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- HigherOrderFunction.java 29 Jul 2003 22:01:47 -0000 1.2
***************
*** 44,47 ****
--- 44,48 ----
import java.net.URI;
+ import java.net.URISyntaxException;
import java.util.ArrayList;
***************
*** 92,98 ****
private static final int ID_ALL_OF_ALL = 5;
! //
private int functionId;
// should the second argument (the first arg passed to the sub-function)
// be a bag
--- 93,102 ----
private static final int ID_ALL_OF_ALL = 5;
! // the internal identifier for each function
private int functionId;
+ // the real identifier for each function
+ private URI identifier;
+
// should the second argument (the first arg passed to the sub-function)
// be a bag
***************
*** 119,133 ****
public static void addConditionFunctions(Map functionMap) {
functionMap.put(NAME_ANY_OF,
! new HigherOrderFunction(ID_ANY_OF));
functionMap.put(NAME_ALL_OF,
! new HigherOrderFunction(ID_ALL_OF));
functionMap.put(NAME_ANY_OF_ANY,
! new HigherOrderFunction(ID_ANY_OF_ANY));
functionMap.put(NAME_ALL_OF_ANY,
! new HigherOrderFunction(ID_ALL_OF_ANY));
functionMap.put(NAME_ANY_OF_ALL,
! new HigherOrderFunction(ID_ANY_OF_ALL));
functionMap.put(NAME_ALL_OF_ALL,
! new HigherOrderFunction(ID_ALL_OF_ALL));
}
--- 123,141 ----
public static void addConditionFunctions(Map functionMap) {
functionMap.put(NAME_ANY_OF,
! new HigherOrderFunction(ID_ANY_OF, NAME_ANY_OF));
functionMap.put(NAME_ALL_OF,
! new HigherOrderFunction(ID_ALL_OF, NAME_ALL_OF));
functionMap.put(NAME_ANY_OF_ANY,
! new HigherOrderFunction(ID_ANY_OF_ANY,
! NAME_ANY_OF_ANY));
functionMap.put(NAME_ALL_OF_ANY,
! new HigherOrderFunction(ID_ALL_OF_ANY,
! NAME_ALL_OF_ANY));
functionMap.put(NAME_ANY_OF_ALL,
! new HigherOrderFunction(ID_ANY_OF_ALL,
! NAME_ANY_OF_ALL));
functionMap.put(NAME_ALL_OF_ALL,
! new HigherOrderFunction(ID_ALL_OF_ALL,
! NAME_ALL_OF_ALL));
}
***************
*** 135,141 ****
* Creates a new instance of the given kind of function.
*/
! private HigherOrderFunction(int functionId) {
this.functionId = functionId;
// see if the second arg is a bag
if ((functionId != ID_ANY_OF) && (functionId != ID_ALL_OF))
--- 143,155 ----
* Creates a new instance of the given kind of function.
*/
! private HigherOrderFunction(int functionId, String functionName) {
this.functionId = functionId;
+ try {
+ identifier = new URI(functionName);
+ } catch (URISyntaxException use) {
+ throw new IllegalArgumentException("invalid URI");
+ }
+
// see if the second arg is a bag
if ((functionId != ID_ANY_OF) && (functionId != ID_ALL_OF))
***************
*** 143,146 ****
--- 157,169 ----
else
secondIsBag = false;
+ }
+
+ /**
+ * Returns the full identifier of this function, as known by the factories.
+ *
+ * @return the function's identifier
+ */
+ public URI getIdentifier() {
+ return identifier;
}
Index: MapFunction.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/MapFunction.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** MapFunction.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- MapFunction.java 29 Jul 2003 22:01:47 -0000 1.2
***************
*** 72,75 ****
--- 72,90 ----
private URI returnType;
+ // the stuff used to make sure that we have a valid identifier or a
+ // known error, just like in the attribute classes
+ private static URI identifier;
+ private static RuntimeException earlyException;
+
+ // try to initialize the identifier
+ static {
+ try {
+ identifier = new URI(NAME);
+ } catch (Exception e) {
+ earlyException = new IllegalArgumentException();
+ earlyException.initCause(e);
+ }
+ };
+
/**
* Creates a new instance of a <code>MapFunction</code>.
***************
*** 130,133 ****
--- 145,161 ----
return new MapFunction(returnType);
+ }
+
+ /**
+ * Returns the full identifier of this function, as known by the factories.
+ *
+ * @return the function's identifier
+ */
+ public URI getIdentifier() {
+ // strictly speaking, this should never happen
+ if (earlyException != null)
+ throw earlyException;
+
+ return identifier;
}
|
|
From: <se...@us...> - 2003-07-29 22:01:49
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/attr
In directory sc8-pr-cvs1:/tmp/cvs-serv22177/com/sun/xacml/attr
Modified Files:
AttributeDesignator.java AttributeSelector.java
Log Message:
Added accessor methods for Target-related and Function-related classes
Index: AttributeDesignator.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/attr/AttributeDesignator.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** AttributeDesignator.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- AttributeDesignator.java 29 Jul 2003 22:01:47 -0000 1.2
***************
*** 246,249 ****
--- 246,259 ----
/**
+ * Returns the type of this designator as specified by the *_TARGET
+ * fields.
+ *
+ * @return the designator type
+ */
+ public int getDesignatorType() {
+ return target;
+ }
+
+ /**
* Returns the type of attribute that is resolved by this designator.
* While an AD will always return a bag, this method will always return
***************
*** 254,257 ****
--- 264,307 ----
public URI getType() {
return type;
+ }
+
+ /**
+ * Returns the AttributeId of the values resolved by this designator.
+ *
+ * @return identifier for the values to resolve
+ */
+ public URI getId() {
+ return id;
+ }
+
+ /**
+ * Returns the subject category for this designator. If this is not a
+ * SubjectAttributeDesignator then this will always return null.
+ *
+ * @return the subject category or null if this isn't a
+ * SubjectAttributeDesignator
+ */
+ public URI getCategory() {
+ return subjectCategory;
+ }
+
+ /**
+ * Returns the issuer of the values resolved by this designator if
+ * specified.
+ *
+ * @return the attribute issuer or null if unspecified
+ */
+ public URI getIssuer() {
+ return issuer;
+ }
+
+ /**
+ * Returns whether or not a value is required to be resolved by this
+ * designator.
+ *
+ * @return true if a value is required, false otherwise
+ */
+ public boolean mustBePresent() {
+ return mustBePresent;
}
Index: AttributeSelector.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/attr/AttributeSelector.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** AttributeSelector.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- AttributeSelector.java 29 Jul 2003 22:01:47 -0000 1.2
***************
*** 153,156 ****
--- 153,175 ----
/**
+ * Returns the XPath query used to resolve attribute values.
+ *
+ * @return the XPath query
+ */
+ public String getContextPath() {
+ return contextPath;
+ }
+
+ /**
+ * Returns whether or not a value is required to be resolved by this
+ * selector.
+ *
+ * @return true if a value is required, false otherwise
+ */
+ public boolean mustBePresent() {
+ return mustBePresent;
+ }
+
+ /**
* Always returns true, since a selector always returns a bag of
* attribute values.
|
|
From: <se...@us...> - 2003-07-29 22:01:49
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml
In directory sc8-pr-cvs1:/tmp/cvs-serv22177/com/sun/xacml
Modified Files:
Target.java TargetMatch.java
Log Message:
Added accessor methods for Target-related and Function-related classes
Index: Target.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/Target.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** Target.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- Target.java 29 Jul 2003 22:01:46 -0000 1.2
***************
*** 40,43 ****
--- 40,44 ----
import java.util.ArrayList;
+ import java.util.Collections;
import java.util.Iterator;
import java.util.List;
***************
*** 77,91 ****
this.subjects = subjects;
else
! this.subjects = new ArrayList(subjects);
if (resources == null)
this.resources = resources;
else
! this.resources = new ArrayList(resources);
if (actions == null)
this.actions = actions;
else
! this.actions = new ArrayList(actions);
}
--- 78,92 ----
this.subjects = subjects;
else
! this.subjects = Collections.unmodifiableList(subjects);
if (resources == null)
this.resources = resources;
else
! this.resources = Collections.unmodifiableList(resources);
if (actions == null)
this.actions = actions;
else
! this.actions = Collections.unmodifiableList(actions);
}
***************
*** 167,171 ****
}
! return list;
}
--- 168,223 ----
}
! return Collections.unmodifiableList(list);
! }
!
! /**
! * Returns an unmodifiable <code>List</code> that represents the Subjects
! * section of this target. Each entry in the <code>List</code> is
! * another <code>List</code> that represents the Subject section. In turn,
! * each of these <code>List</code>s contains <code>TargetMatch</code>
! * objects that represent SubjectMatch XML structures.
! * <p>
! * Note that future versions of this code may use intermediary classes to
! * make the structure clearer, but this depends on the future structure
! * of XACML Targets.
! *
! * @return the matching elements or null of the match is any
! */
! public List getSubjects() {
! return subjects;
! }
!
! /**
! * Returns an unmodifiable <code>List</code> that represents the Resources
! * section of this target. Each entry in the <code>List</code> is
! * another <code>List</code> that represents the Resource section. In turn,
! * each of these <code>List</code>s contains <code>TargetMatch</code>
! * objects that represent ResourceMatch XML structures.
! * <p>
! * Note that future versions of this code may use intermediary classes to
! * make the structure clearer, but this depends on the future structure
! * of XACML Targets.
! *
! * @return the matching elements or null of the match is any
! */
! public List getResources() {
! return resources;
! }
!
! /**
! * Returns an unmodifiable <code>List</code> that represents the Actions
! * section of this target. Each entry in the <code>List</code> is
! * another <code>List</code> that represents the Action section. In turn,
! * each of these <code>List</code>s contains <code>TargetMatch</code>
! * objects that represent ActionMatch XML structures.
! * <p>
! * Note that future versions of this code may use intermediary classes to
! * make the structure clearer, but this depends on the future structure
! * of XACML Targets.
! *
! * @return the matching elements or null of the match is any
! */
! public List getActions() {
! return actions;
}
Index: TargetMatch.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/TargetMatch.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** TargetMatch.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- TargetMatch.java 29 Jul 2003 22:01:46 -0000 1.2
***************
*** 213,216 ****
--- 213,254 ----
/**
+ * Returns the type of this <code>TargetMatch</code>, either
+ * <code>SUBJECT</code>, <code>RESOURCE</code>, or <code>ACTION</code>.
+ *
+ * @return the type
+ */
+ public int getType() {
+ return type;
+ }
+
+ /**
+ * Returns the <code>Function</code> used to do the matching.
+ *
+ * @return the match function
+ */
+ public Function getMatchFunction() {
+ return function;
+ }
+
+ /**
+ * Returns the <code>AttributeValue</code> used by the matching function.
+ *
+ * @return the <code>AttributeValue</code> for the match
+ */
+ public AttributeValue getMatchValue() {
+ return attrValue;
+ }
+
+ /**
+ * Returns the <code>AttributeDesignator</code> or
+ * <code>AttributeSelector</code> used by the matching function.
+ *
+ * @return the designator or selector for the match
+ */
+ public Evaluatable getMatchEvaluatable() {
+ return eval;
+ }
+
+ /**
* Determines whether this <code>TargetMatch</code> matches
* the input request (whether it is applicable)
|
|
From: <se...@us...> - 2003-07-22 15:05:48
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/attr
In directory sc8-pr-cvs1:/tmp/cvs-serv6049/com/sun/xacml/attr
Modified Files:
AttributeValue.java
Log Message:
Added new Subject interface for RequestCtx and fixed Attribute encoding bug
Index: AttributeValue.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/attr/AttributeValue.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** AttributeValue.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- AttributeValue.java 22 Jul 2003 15:05:45 -0000 1.2
***************
*** 130,132 ****
--- 130,152 ----
public abstract String encode();
+ /**
+ * Encodes the value and includes the AttributeValue XML tags so that
+ * the resulting string can be included in a valid XACML policy or
+ * Request/Response. The <code>boolean</code> parameter lets you include
+ * the DataType attribute, which is required in a policy but not allowed
+ * in a Request or Response.
+ *
+ * @param includeType include the DataType XML attribute if
+ * <code>true</code>, exclude if <code>false</code>
+ *
+ * @return a <code>String</code> encoding including the XML tags
+ */
+ public String encodeWithTags(boolean includeType) {
+ if (includeType)
+ return "<AttributeValue DataType=\"" + type.toString() + "\">" +
+ encode() + "</AttributeValue>";
+ else
+ return "<AttributeValue>" + encode() + "</AttributeValue>";
+ }
+
}
|
|
From: <se...@us...> - 2003-07-22 15:05:48
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/ctx
In directory sc8-pr-cvs1:/tmp/cvs-serv6049/com/sun/xacml/ctx
Modified Files:
Attribute.java RequestCtx.java
Added Files:
Subject.java
Log Message:
Added new Subject interface for RequestCtx and fixed Attribute encoding bug
--- NEW FILE: Subject.java ---
/*
* @(#)Subject.java
*
* Copyright 2003 Sun Microsystems, Inc. All Rights Reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistribution of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistribution in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* Neither the name of Sun Microsystems, Inc. or the names of contributors may
* be used to endorse or promote products derived from this software without
* specific prior written permission.
*
* This software is provided "AS IS," without a warranty of any kind. ALL
* EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING
* ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
* OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN")
* AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE
* AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS
* DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST
* REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL,
* INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY
* OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE,
* EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
*
* You acknowledge that this software is not designed or intended for use in
* the design, construction, operation or maintenance of any nuclear facility.
*/
package com.sun.xacml.ctx;
import com.sun.xacml.Indenter;
import com.sun.xacml.attr.AttributeDesignator;
import java.io.OutputStream;
import java.io.PrintStream;
import java.net.URI;
import java.util.Collections;
import java.util.Set;
/**
* This class represents the collection of <code>Attribute</code>s associated
* with a particular subject.
*
* @author seth proctor
*/
public class Subject
{
// the subject's category
private URI category;
// the attributes associated with the subject
private Set attributes;
/**
* <code>URI</code> form of the default subject category
*/
public static final URI DEFAULT_CATEGORY;
// the exception thrown if the default category was invalid
private static RuntimeException earlyException = null;
/**
* Tries to initialize the default category, keeping track of the
* exception for later use (if there was a problem). Note that this
* should never happen, but the error case will be reported correctly
* if the default string is invalid.
*/
static {
URI defaultURI = null;
try {
defaultURI = new URI(AttributeDesignator.SUBJECT_CATEGORY_DEFAULT);
} catch (Exception e) {
earlyException = new IllegalArgumentException("invalid URI");
earlyException.initCause(e);
}
DEFAULT_CATEGORY = defaultURI;
}
/**
* Creates a new collection of subject attributes using the default
* subject cateorgy.
*
* @param attributes a non-null <code>Set</code> of <code>Attribute</code>
* objects
*/
public Subject(Set attributes) {
this(null, attributes);
if (earlyException != null)
throw earlyException;
}
/**
* Creates a new collection of subject attributes using the given
* subject category.
*
* @param category the subject category or null for the default category
* @param attributes a non-null <code>Set</code> of <code>Attribute</code>
* objects
*/
public Subject(URI category, Set attributes) {
if (category == null)
this.category = DEFAULT_CATEGORY;
else
this.category = category;
this.attributes = Collections.unmodifiableSet(attributes);
}
/**
* Returns the category of this subject's attributes.
*
* @return the category
*/
public URI getCategory() {
return category;
}
/**
* Returns the <code>Attribute</code>s associated with this subject.
*
* @return the immutable <code>Set</code> of <code>Attribute</code>s
*/
public Set getAttributes() {
return attributes;
}
}
Index: Attribute.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/ctx/Attribute.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** Attribute.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- Attribute.java 22 Jul 2003 15:05:45 -0000 1.2
***************
*** 247,251 ****
if (value != null)
! encoded += ">" + value.encode() + "</Attribute>";
else
encoded += "/>";
--- 247,251 ----
if (value != null)
! encoded += ">" + value.encodeWithTags(false) + "</Attribute>";
else
encoded += "/>";
Index: RequestCtx.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/ctx/RequestCtx.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -d -r1.3 -r1.4
*** RequestCtx.java 3 Jun 2003 18:27:04 -0000 1.3
--- RequestCtx.java 22 Jul 2003 15:05:45 -0000 1.4
***************
*** 99,109 ****
* Constructor that creates a <code>RequestCtx</code> from components.
*
! * @param subjects a <code>Set</code> containing the subject data, formed
! * as described in <code>getSubjects</code>
* @param resource a <code>Set</code> of <code>Attribute</code>s
* @param action a <code>Set</code> of <code>Attribute</code>s
* @param environment a <code>Set</code> of environment attributes
*/
! public RequestCtx(Set subjects, Set resource, Set action, Set environment) {
this(subjects, resource, action, environment, null, null);
}
--- 99,109 ----
* Constructor that creates a <code>RequestCtx</code> from components.
*
! * @param subjects a <code>Set</code> of <code>Subject</code>s
* @param resource a <code>Set</code> of <code>Attribute</code>s
* @param action a <code>Set</code> of <code>Attribute</code>s
* @param environment a <code>Set</code> of environment attributes
*/
! public RequestCtx(Set subjects, Set resource, Set action,
! Set environment) {
this(subjects, resource, action, environment, null, null);
}
***************
*** 112,117 ****
* Constructor that creates a <code>RequestCtx</code> from components.
*
! * @param subjects a <code>Set</code> containing the subject data, formed
! * as described in <code>getSubjects</code>
* @param resource a <code>Set</code> of <code>Attribute</code>s
* @param action a <code>Set</code> of <code>Attribute</code>s
--- 112,116 ----
* Constructor that creates a <code>RequestCtx</code> from components.
*
! * @param subjects a <code>Set</code> of <code>Subject</code>s
* @param resource a <code>Set</code> of <code>Attribute</code>s
* @param action a <code>Set</code> of <code>Attribute</code>s
***************
*** 127,132 ****
* Constructor that creates a <code>RequestCtx</code> from components.
*
! * @param subjects a <code>Set</code> containing the subject data, formed
! * as described in <code>getSubjects</code>
* @param resource a <code>Set</code> of <code>Attribute</code>s
* @param action a <code>Set</code> of <code>Attribute</code>s
--- 126,130 ----
* Constructor that creates a <code>RequestCtx</code> from components.
*
! * @param subjects a <code>Set</code> of <code>Subject</code>s
* @param resource a <code>Set</code> of <code>Attribute</code>s
* @param action a <code>Set</code> of <code>Attribute</code>s
***************
*** 144,149 ****
* Constructor that creates a <code>RequestCtx</code> from components.
*
! * @param subjects a <code>Set</code> containing the subject data, formed
! * as described in <code>getSubjects</code>
* @param resource a <code>Set</code> of <code>Attribute</code>s
* @param action a <code>Set</code> of <code>Attribute</code>s
--- 142,146 ----
* Constructor that creates a <code>RequestCtx</code> from components.
*
! * @param subjects a <code>Set</code> of <code>Subject</code>s
* @param resource a <code>Set</code> of <code>Attribute</code>s
* @param action a <code>Set</code> of <code>Attribute</code>s
***************
*** 158,167 ****
public RequestCtx(Set subjects, Set resource, Set action,
Set environment, Node documentRoot,
! String resourceContent) throws IllegalArgumentException{
// make sure subjects is well formed
Iterator sIter = subjects.iterator();
while (sIter.hasNext()){
! if (!(sIter.next() instanceof List))
throw new IllegalArgumentException("Subjects input is not " +
"well formed");
--- 155,164 ----
public RequestCtx(Set subjects, Set resource, Set action,
Set environment, Node documentRoot,
! String resourceContent) throws IllegalArgumentException {
// make sure subjects is well formed
Iterator sIter = subjects.iterator();
while (sIter.hasNext()){
! if (!(sIter.next() instanceof Subject))
throw new IllegalArgumentException("Subjects input is not " +
"well formed");
***************
*** 236,262 ****
if (tag.equals("Subject")) {
// see if there is a category
! ArrayList list = new ArrayList();
! Node catNode = node.getAttributes().
! getNamedItem("SubjectCategory");
!
! try {
! URI category = null;
! if (catNode != null)
category = new URI(catNode.getNodeValue());
! else
! category = new URI(AttributeDesignator.
! SUBJECT_CATEGORY_DEFAULT);
!
! list.add(category);
! } catch (Exception e) {
! throw new ParsingException("Invalid Category URI", e);
}
!
// now we get the attributes
! list.add(parseAttributes(node));
// finally, add the list to the set of subject attributes
! newSubjects.add(list);
} else if (tag.equals("Resource")) {
// For now, this code doesn't parse the content, since it's
--- 233,253 ----
if (tag.equals("Subject")) {
// see if there is a category
! Node catNode =
! node.getAttributes().getNamedItem("SubjectCategory");
! URI category = null;
! if (catNode != null) {
! try {
category = new URI(catNode.getNodeValue());
! } catch (Exception e) {
! throw new ParsingException("Invalid Category URI", e);
! }
}
!
// now we get the attributes
! Set attributes = parseAttributes(node);
// finally, add the list to the set of subject attributes
! newSubjects.add(new Subject(category, attributes));
} else if (tag.equals("Resource")) {
// For now, this code doesn't parse the content, since it's
***************
*** 326,336 ****
/**
! * Returns the subjects associated with this request. Note that this is
! * a <code>Set</code> that contains any number of <code>List</code>s.
! * Each <code>List</code> contains exactly two items: a <code>URI</code>
! * specifying the category, and a <code>Set</code> that contains
! * <code>Attribute</code>s listed in that category.
*
! * @return a <code>Set</code> of <code>List</code> objects
*/
public Set getSubjects() {
--- 317,323 ----
/**
! * Returns a <code>Set</code> containing <code>Subject</code> objects.
*
! * @return the request's subject attributes
*/
public Set getSubjects() {
***************
*** 341,345 ****
* Returns a <code>Set</code> containing <code>Attribute</code> objects.
*
! * @return the <code>Set</code>
*/
public Set getResource() {
--- 328,332 ----
* Returns a <code>Set</code> containing <code>Attribute</code> objects.
*
! * @return the request's resource attributes
*/
public Set getResource() {
***************
*** 350,354 ****
* Returns a <code>Set</code> containing <code>Attribute</code> objects.
*
! * @return the request's action
*/
public Set getAction() {
--- 337,341 ----
* Returns a <code>Set</code> containing <code>Attribute</code> objects.
*
! * @return the request's action attributes
*/
public Set getAction() {
***************
*** 359,363 ****
* Returns a <code>Set</code> containing <code>Attribute</code> objects.
*
! * @return a <code>Set</code> of <code>Attribute</code> objects
*/
public Set getEnvironmentAttributes() {
--- 346,350 ----
* Returns a <code>Set</code> containing <code>Attribute</code> objects.
*
! * @return the request's environment attributes
*/
public Set getEnvironmentAttributes() {
***************
*** 412,423 ****
Iterator it = subjects.iterator();
while (it.hasNext()) {
! List list = (List)(it.next());
! String category = ((URI)(list.get(0))).toString();
! Set attrs = (Set)(list.get(1));
out.println(indent + "<Subject SubjectCategory=\"" +
! category + "\">");
! encodeAttributes(attrs, out, depth + 2, indenter);
out.println(indent + "</Subject>");
--- 399,409 ----
Iterator it = subjects.iterator();
while (it.hasNext()) {
! Subject subject = (Subject)(it.next());
out.println(indent + "<Subject SubjectCategory=\"" +
! subject.getCategory().toString() + "\">");
! encodeAttributes(subject.getAttributes(), out, depth + 2,
! indenter);
out.println(indent + "</Subject>");
|
|
From: <se...@us...> - 2003-07-22 15:05:48
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml
In directory sc8-pr-cvs1:/tmp/cvs-serv6049/com/sun/xacml
Modified Files:
EvaluationCtx.java
Log Message:
Added new Subject interface for RequestCtx and fixed Attribute encoding bug
Index: EvaluationCtx.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/EvaluationCtx.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -d -r1.2 -r1.3
*** EvaluationCtx.java 16 Jun 2003 19:17:54 -0000 1.2
--- EvaluationCtx.java 22 Jul 2003 15:05:45 -0000 1.3
***************
*** 47,50 ****
--- 47,51 ----
import com.sun.xacml.ctx.RequestCtx;
import com.sun.xacml.ctx.Status;
+ import com.sun.xacml.ctx.Subject;
import com.sun.xacml.finder.AttributeFinder;
***************
*** 185,191 ****
Iterator it = subjects.iterator();
while (it.hasNext()) {
! List list = (List)(it.next());
! URI category = (URI)(list.get(0));
Map categoryMap = null;
--- 186,192 ----
Iterator it = subjects.iterator();
while (it.hasNext()) {
! Subject subject = (Subject)(it.next());
! URI category = subject.getCategory();
Map categoryMap = null;
***************
*** 199,203 ****
// iterate over the set of attributes
! Iterator attrIterator = ((Set)(list.get(1))).iterator();
while (attrIterator.hasNext()) {
--- 200,204 ----
// iterate over the set of attributes
! Iterator attrIterator = subject.getAttributes().iterator();
while (attrIterator.hasNext()) {
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml
In directory sc8-pr-cvs1:/tmp/cvs-serv19795/com/sun/xacml
Modified Files:
AbstractPolicy.java Policy.java PolicyReference.java
PolicySet.java Rule.java
Added Files:
PolicyTreeElement.java
Log Message:
added PolicyTreeElement interface and support for child management
--- NEW FILE: PolicyTreeElement.java ---
/*
* @(#)PolicyTreeElement.java
*
* Copyright 2003 Sun Microsystems, Inc. All Rights Reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistribution of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistribution in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* Neither the name of Sun Microsystems, Inc. or the names of contributors may
* be used to endorse or promote products derived from this software without
* specific prior written permission.
*
* This software is provided "AS IS," without a warranty of any kind. ALL
* EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING
* ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
* OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN")
* AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE
* AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS
* DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST
* REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL,
* INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY
* OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE,
* EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
*
* You acknowledge that this software is not designed or intended for use in
* the design, construction, operation or maintenance of any nuclear facility.
*/
package com.sun.xacml;
import com.sun.xacml.ctx.Result;
import java.net.URI;
import java.util.List;
/**
* This represents a single node in a policy tree. A node is either a policy
* set, a policy, or a rule. This interface is used to interact with these
* node types in a general way. Note that rules are leaf nodes in a policy
* tree as they never contain children.
*
* @author seth proctor
*/
public interface PolicyTreeElement
{
/**
* Returns the <code>List</code> of <code>PolicyTreeElement</code> objects
* that are the children of this node. If this node has no children then
* this list is empty. The children are returned as a <code>List</code>
* instead of some unordered collection because in cases like combining
* or evaluation the order is often important.
*
* @return the non-null <code>List</code> of children of this node
*/
public List getChildren();
/**
* Returns the given description of this element or null if
* there is no description
*
* @return the description or null
*/
public String getDescription();
/**
* Returns the id of this element
*
* @return the element's identifier
*/
public URI getId();
/**
* Returns the target for this element or null if there
* is no target
*
* @return the element's target
*/
public Target getTarget();
/**
* Given the input context sees whether or not the request matches this
* element's target. The rules for matching are different depending on
* the type of element being matched.
*
* @param context the representation of the request
*
* @return the result of trying to match this element and the request
*/
public MatchResult match(EvaluationCtx context);
/**
* Evaluates this element in the policy tree, and therefore all elements
* underneath this element. The rules for evaluation are different
* depending on the type of element being evaluated.
*
* @param context the representation of the request we're evaluating
*
* @return the result of the evaluation
*/
public Result evaluate(EvaluationCtx context);
}
Index: AbstractPolicy.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/AbstractPolicy.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -d -r1.2 -r1.3
*** AbstractPolicy.java 9 May 2003 20:50:23 -0000 1.2
--- AbstractPolicy.java 17 Jun 2003 18:23:52 -0000 1.3
***************
*** 45,48 ****
--- 45,49 ----
import java.util.ArrayList;
+ import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
***************
*** 61,65 ****
* @author Marco Barreno
*/
! public abstract class AbstractPolicy
{
--- 62,66 ----
* @author Marco Barreno
*/
! public abstract class AbstractPolicy implements PolicyTreeElement
{
***************
*** 81,86 ****
private String defaultVersion;
! // the things we run through the combining algorithm
! private List combiners;
// any obligations held by this policy
--- 82,87 ----
private String defaultVersion;
! // the elements we run through the combining algorithm
! private List children;
// any obligations held by this policy
***************
*** 143,149 ****
if (obligations == null)
! this.obligations = new HashSet();
else
! this.obligations = new HashSet(obligations);
}
--- 144,150 ----
if (obligations == null)
! this.obligations = Collections.EMPTY_SET;
else
! this.obligations = Collections.unmodifiableSet(obligations);
}
***************
*** 200,203 ****
--- 201,207 ----
}
}
+
+ // finally, make sure the set of obligations is immutable
+ obligations = Collections.unmodifiableSet(obligations);
}
***************
*** 283,286 ****
--- 287,302 ----
/**
+ * Returns the <code>List</code> of children under this node in the
+ * policy tree. Depending on what kind of policy this node represents
+ * the children will either be <code>AbstractPolicy</code> objects
+ * or <code>Rule</code>s.
+ *
+ * @return a <code>List</code> of child nodes
+ */
+ public List getChildren() {
+ return children;
+ }
+
+ /**
* Returns the Set of obligations for this policy, which may be empty
*
***************
*** 307,322 ****
/**
! * Sets the objects (<code>Rule</code> or <code>Policy</code> objects)
! * that are passed to the combining algorithm on evaluation.
*
! * @param combiners the rules or policies to give the combining alg
*/
! protected void setCombiners(List combiners) {
// we always want a concrete list, since we're going to pass it to
// a combiner that expects a non-null input
! if (combiners == null)
! this.combiners = new ArrayList();
! else
! this.combiners = new ArrayList(combiners);
}
--- 323,343 ----
/**
! * Sets the child policy tree elements for this node, which are passed
! * to the combining algorithm on evaluation. The <code>List</code> must
! * contain <code>Rule</code>s or <code>AbstractPolicy</code>s, but may
! * not contain both types of elements.
*
! * @param children the child elements used by the combining algorithm
*/
! protected void setChildren(List children) {
// we always want a concrete list, since we're going to pass it to
// a combiner that expects a non-null input
! if (children == null) {
! this.children = Collections.EMPTY_LIST;
! } else {
! // NOTE: since this is only getting called by known child
! // classes we don't check that the types are all the same
! this.children = Collections.unmodifiableList(children);
! }
}
***************
*** 333,337 ****
public Result evaluate(EvaluationCtx context) {
// evaluate
! Result result = combiningAlg.combine(context, combiners);
// if we have no obligations, we're done
--- 354,358 ----
public Result evaluate(EvaluationCtx context) {
// evaluate
! Result result = combiningAlg.combine(context, children);
// if we have no obligations, we're done
Index: Policy.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/Policy.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** Policy.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- Policy.java 17 Jun 2003 18:23:52 -0000 1.2
***************
*** 46,49 ****
--- 46,50 ----
import java.util.ArrayList;
+ import java.util.Iterator;
import java.util.List;
import java.util.Set;
***************
*** 85,88 ****
--- 86,93 ----
* @param target the <code>Target</code> for this policy
* @param rules a list of <code>Rule</code> objects
+ *
+ * @throws IllegalArgumentException if the <code>List</code> of rules
+ * contains an object that is not a
+ * <code>Rule</code>
*/
public Policy(URI id, CombiningAlgorithm combiningAlg, Target target,
***************
*** 101,104 ****
--- 106,113 ----
* @param defaultVersion the XPath version to use
* @param rules a list of <code>Rule</code> objects
+ *
+ * @throws IllegalArgumentException if the <code>List</code> of rules
+ * contains an object that is not a
+ * <code>Rule</code>
*/
public Policy(URI id, CombiningAlgorithm combiningAlg, Target target,
***************
*** 117,120 ****
--- 126,133 ----
* @param target the <code>Target</code> for this policy
* @param rules a list of <code>Rule</code> objects
+ *
+ * @throws IllegalArgumentException if the <code>List</code> of rules
+ * contains an object that is not a
+ * <code>Rule</code>
*/
public Policy(URI id, CombiningAlgorithm combiningAlg, String description,
***************
*** 134,137 ****
--- 147,154 ----
* @param defaultVersion the XPath version to use
* @param rules a list of <code>Rule</code> objects
+ *
+ * @throws IllegalArgumentException if the <code>List</code> of rules
+ * contains an object that is not a
+ * <code>Rule</code>
*/
public Policy(URI id, CombiningAlgorithm combiningAlg, String description,
***************
*** 153,156 ****
--- 170,177 ----
* @param rules a list of <code>Rule</code> objects
* @param obligations a set of <code>Obligations</code> objects
+ *
+ * @throws IllegalArgumentException if the <code>List</code> of rules
+ * contains an object that is not a
+ * <code>Rule</code>
*/
public Policy(URI id, CombiningAlgorithm combiningAlg, String description,
***************
*** 160,164 ****
obligations);
! setCombiners(rules);
}
--- 181,195 ----
obligations);
! // check that the list contains only rules
! if (rules != null) {
! Iterator it = rules.iterator();
! while (it.hasNext()) {
! Object o = it.next();
! if (! (o instanceof Rule))
! throw new IllegalArgumentException("non-Rule in rules");
! }
! }
!
! setChildren(rules);
}
***************
*** 181,185 ****
}
! setCombiners(rules);
}
--- 212,216 ----
}
! setChildren(rules);
}
Index: PolicyReference.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/PolicyReference.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** PolicyReference.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- PolicyReference.java 17 Jun 2003 18:23:52 -0000 1.2
***************
*** 48,51 ****
--- 48,52 ----
import java.util.ArrayList;
+ import java.util.List;
import java.util.Set;
***************
*** 210,213 ****
--- 211,227 ----
public String getDefaultVersion() {
return resolvePolicy().getDefaultVersion();
+ }
+
+ /**
+ * Returns the child policy nodes under this node in the policy tree. If
+ * the policy is invalid or can't be retrieved, then a runtime exception
+ * is thrown.
+ *
+ * @return the <code>List</code> of child policy nodes
+ *
+ * @throws ProcessingException if the referenced policy can't be retrieved
+ */
+ public List getChildren() {
+ return resolvePolicy().getChildren();
}
Index: PolicySet.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/PolicySet.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** PolicySet.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- PolicySet.java 17 Jun 2003 18:23:52 -0000 1.2
***************
*** 48,51 ****
--- 48,52 ----
import java.util.ArrayList;
+ import java.util.Iterator;
import java.util.List;
import java.util.Set;
***************
*** 87,90 ****
--- 88,95 ----
* @param target the <code>Target</code> for this set
* @param policies a list of <code>AbstractPolicy</code> objects
+ *
+ * @throws IllegalArgumentException if the <code>List</code> of policies
+ * contains an object that is not an
+ * <code>AbstractPolicy</code>
*/
public PolicySet(URI id, CombiningAlgorithm combiningAlg, Target target,
***************
*** 103,106 ****
--- 108,115 ----
* @param policies a list of <code>AbstractPolicy</code> objects
* @param defaultVersion the XPath version to use
+ *
+ * @throws IllegalArgumentException if the <code>List</code> of policies
+ * contains an object that is not an
+ * <code>AbstractPolicy</code>
*/
public PolicySet(URI id, CombiningAlgorithm combiningAlg, Target target,
***************
*** 119,122 ****
--- 128,135 ----
* @param target the <code>Target</code> for this set
* @param policies a list of <code>AbstractPolicy</code> objects
+ *
+ * @throws IllegalArgumentException if the <code>List</code> of policies
+ * contains an object that is not an
+ * <code>AbstractPolicy</code>
*/
public PolicySet(URI id, CombiningAlgorithm combiningAlg,
***************
*** 136,139 ****
--- 149,156 ----
* @param policies a list of <code>AbstractPolicy</code> objects
* @param defaultVersion the XPath version to use
+ *
+ * @throws IllegalArgumentException if the <code>List</code> of policies
+ * contains an object that is not an
+ * <code>AbstractPolicy</code>
*/
public PolicySet(URI id, CombiningAlgorithm combiningAlg,
***************
*** 156,159 ****
--- 173,180 ----
* @param defaultVersion the XPath version to use
* @param obligations a set of <code>Obligation</code> objects
+ *
+ * @throws IllegalArgumentException if the <code>List</code> of policies
+ * contains an object that is not an
+ * <code>AbstractPolicy</code>
*/
public PolicySet(URI id, CombiningAlgorithm combiningAlg,
***************
*** 163,167 ****
obligations);
! setCombiners(policies);
}
--- 184,199 ----
obligations);
! // check that the list contains only AbstractPolicy objects
! if (policies != null) {
! Iterator it = policies.iterator();
! while (it.hasNext()) {
! Object o = it.next();
! if (! (o instanceof AbstractPolicy))
! throw new IllegalArgumentException("non-AbstractPolicy " +
! "in policies");
! }
! }
!
! setChildren(policies);
}
***************
*** 193,197 ****
}
! setCombiners(policies);
}
--- 225,229 ----
}
! setChildren(policies);
}
Index: Rule.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/Rule.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** Rule.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- Rule.java 17 Jun 2003 18:23:52 -0000 1.2
***************
*** 43,50 ****
--- 43,55 ----
import com.sun.xacml.ctx.Result;
+ import com.sun.xacml.ctx.Status;
import java.net.URI;
import java.net.URISyntaxException;
+ import java.util.ArrayList;
+ import java.util.Collections;
+ import java.util.List;
+
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
***************
*** 59,63 ****
* @author Seth Proctor
*/
! public class Rule
{
--- 64,68 ----
* @author Seth Proctor
*/
! public class Rule implements PolicyTreeElement
{
***************
*** 184,187 ****
--- 189,202 ----
/**
+ * Since a rule is always a leaf in a policy tree because it can have
+ * no children, this always returns an empty <code>List</code>.
+ *
+ * @return a <code>List</code> with no elements
+ */
+ public List getChildren() {
+ return Collections.EMPTY_LIST;
+ }
+
+ /**
* Returns the condition for this <code>Rule</code> or null if there
* is no condition
***************
*** 194,201 ****
--- 209,247 ----
/**
+ * Given the input context sees whether or not the request matches this
+ * <code>Rule</code>'s <code>Target</code>. Note that unlike the matching
+ * done by the <code>evaluate</code> method, if the <code>Target</code>
+ * is missing than this will return Indeterminate. This lets you write
+ * your own custom matching routines for rules but lets evaluation
+ * proceed normally.
+ *
+ * @param context the representation of the request
+ *
+ * @return the result of trying to match this rule and the request
+ */
+ public MatchResult match(EvaluationCtx context) {
+ if (target == null) {
+ ArrayList code = new ArrayList();
+ code.add(Status.STATUS_PROCESSING_ERROR);
+ Status status = new Status(code, "no target available for " +
+ "matching a rule");
+
+ return new MatchResult(MatchResult.INDETERMINATE, status);
+ }
+
+ return target.match(context);
+ }
+
+ /**
* Evaluates the rule against the supplied context. This will check that
* the target matches, and then try to evaluate the condition. If the
* target and condition apply, then the rule's effect is returned in
* the result.
+ * <p>
+ * Note that rules are not required to have targets. If no target is
+ * specified, then the rule inherits its parent's target. In the event
+ * that this <code>Rule</code> has no <code>Target</code> then the
+ * match is assumed to be true, since evaluating a policy tree to this
+ * level required the parent's target to match.
*
* @param context the representation of the request we're evaluating
***************
*** 204,213 ****
*/
public Result evaluate(EvaluationCtx context) {
! // If the Target is null, then it's supposed to inherit from the
! // parent policy and use the same Taget. Since the parent's Target
! // must have matched in order for us to get to this point in the
! // evaluation we assume that the inherited Target also matches,
! // since it's the same match operation. Therefore, if there was no
! // Target supplied for this Rule, we just skip this step
if (target != null) {
MatchResult match = target.match(context);
--- 250,256 ----
*/
public Result evaluate(EvaluationCtx context) {
! // If the Target is null then it's supposed to inherit from the
! // parent policy, so we skip the matching step assuming we wouldn't
! // be here unless the parent matched
if (target != null) {
MatchResult match = target.match(context);
|
|
From: <se...@us...> - 2003-06-16 19:18:02
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml
In directory sc8-pr-cvs1:/tmp/cvs-serv10769/com/sun/xacml
Modified Files:
EvaluationCtx.java
Log Message:
make sure Request has at least one Subject
Index: EvaluationCtx.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/EvaluationCtx.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** EvaluationCtx.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- EvaluationCtx.java 16 Jun 2003 19:17:54 -0000 1.2
***************
*** 177,181 ****
* objects.
*/
! private void setupSubjects(Set subjects) {
Iterator it = subjects.iterator();
while (it.hasNext()) {
--- 177,186 ----
* objects.
*/
! private void setupSubjects(Set subjects) throws ParsingException {
! // make sure that there is at least one Subject
! if (subjects.size() == 0)
! throw new ParsingException("Request must a contain subject");
!
! // now go through the subject attributes
Iterator it = subjects.iterator();
while (it.hasNext()) {
|
|
From: <se...@us...> - 2003-06-03 18:27:08
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/ctx
In directory sc8-pr-cvs1:/tmp/cvs-serv11587
Modified Files:
RequestCtx.java
Log Message:
Fixed small bug
Index: RequestCtx.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/ctx/RequestCtx.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -d -r1.2 -r1.3
*** RequestCtx.java 27 May 2003 14:23:11 -0000 1.2
--- RequestCtx.java 3 Jun 2003 18:27:04 -0000 1.3
***************
*** 413,417 ****
while (it.hasNext()) {
List list = (List)(it.next());
! String category = ((URI)(list.get(0)).toString();
Set attrs = (Set)(list.get(1));
--- 413,417 ----
while (it.hasNext()) {
List list = (List)(it.next());
! String category = ((URI)(list.get(0))).toString();
Set attrs = (Set)(list.get(1));
|
|
From: <se...@us...> - 2003-05-27 14:23:14
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/ctx
In directory sc8-pr-cvs1:/tmp/cvs-serv21082/com/sun/xacml/ctx
Modified Files:
RequestCtx.java
Log Message:
Index: RequestCtx.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/ctx/RequestCtx.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** RequestCtx.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- RequestCtx.java 27 May 2003 14:23:11 -0000 1.2
***************
*** 328,332 ****
* Returns the subjects associated with this request. Note that this is
* a <code>Set</code> that contains any number of <code>List</code>s.
! * Each <code>List</code> contains exactly two items: a <code>String</code>
* specifying the category, and a <code>Set</code> that contains
* <code>Attribute</code>s listed in that category.
--- 328,332 ----
* Returns the subjects associated with this request. Note that this is
* a <code>Set</code> that contains any number of <code>List</code>s.
! * Each <code>List</code> contains exactly two items: a <code>URI</code>
* specifying the category, and a <code>Set</code> that contains
* <code>Attribute</code>s listed in that category.
***************
*** 413,417 ****
while (it.hasNext()) {
List list = (List)(it.next());
! String category = (String)(list.get(0));
Set attrs = (Set)(list.get(1));
--- 413,417 ----
while (it.hasNext()) {
List list = (List)(it.next());
! String category = ((URI)(list.get(0)).toString();
Set attrs = (Set)(list.get(1));
|
|
From: <se...@us...> - 2003-05-09 20:50:27
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine
In directory sc8-pr-cvs1:/tmp/cvs-serv363/com/sun/xacml/combine
Modified Files:
CombiningAlgFactory.java
Log Message:
AbstractPolicy and CombiningFactory updates
Index: CombiningAlgFactory.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine/CombiningAlgFactory.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** CombiningAlgFactory.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- CombiningAlgFactory.java 9 May 2003 20:50:23 -0000 1.2
***************
*** 107,111 ****
* @throws ProcessingException if the algId is already registered
*/
! public void addCombiningAlg(URI algId, CombiningAlgorithm alg)
throws ProcessingException
{
--- 107,111 ----
* @throws ProcessingException if the algId is already registered
*/
! public static void addCombiningAlg(URI algId, CombiningAlgorithm alg)
throws ProcessingException
{
|
|
From: <se...@us...> - 2003-05-09 20:50:26
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml
In directory sc8-pr-cvs1:/tmp/cvs-serv363/com/sun/xacml
Modified Files:
AbstractPolicy.java
Log Message:
AbstractPolicy and CombiningFactory updates
Index: AbstractPolicy.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/AbstractPolicy.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** AbstractPolicy.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- AbstractPolicy.java 9 May 2003 20:50:23 -0000 1.2
***************
*** 120,128 ****
String description, Target target,
String defaultVersion) {
! idAttr = id;
! combiningAlg = combiningAlg;
! this.description = description;
! this.target = target;
! this.defaultVersion = defaultVersion;
}
--- 120,124 ----
String description, Target target,
String defaultVersion) {
! this(id, combiningAlg, description, target, defaultVersion, null);
}
***************
*** 141,145 ****
String defaultVersion, Set obligations) {
idAttr = id;
! combiningAlg = combiningAlg;
this.description = description;
this.target = target;
--- 137,141 ----
String defaultVersion, Set obligations) {
idAttr = id;
! this.combiningAlg = combiningAlg;
this.description = description;
this.target = target;
***************
*** 232,236 ****
Node node = nodes.item(i);
if (node.getNodeName().equals("XPathVersion")) {
! defaultVersion = node.getNodeValue();
if (! defaultVersion.equals(XPATH_1_0_VERSION)) {
throw new ParsingException("Unknown XPath version");
--- 228,232 ----
Node node = nodes.item(i);
if (node.getNodeName().equals("XPathVersion")) {
! defaultVersion = node.getFirstChild().getNodeValue();
if (! defaultVersion.equals(XPATH_1_0_VERSION)) {
throw new ParsingException("Unknown XPath version");
|
