|
From: <se...@us...> - 2003-08-14 23:02:00
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine
In directory sc8-pr-cvs1:/tmp/cvs-serv25166/com/sun/xacml/combine
Modified Files:
CombiningAlgFactory.java DenyOverridesPolicyAlg.java
DenyOverridesRuleAlg.java PermitOverridesPolicyAlg.java
PermitOverridesRuleAlg.java RuleCombiningAlgorithm.java
Log Message:
Added support for the new ordered combining algs from 1.1 and added enforcement
code to make sure that Policy/PolicySet instances use the right kind of algs
Index: CombiningAlgFactory.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine/CombiningAlgFactory.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -d -r1.2 -r1.3
*** CombiningAlgFactory.java 9 May 2003 20:50:23 -0000 1.2
--- CombiningAlgFactory.java 14 Aug 2003 22:56:48 -0000 1.3
***************
*** 75,81 ****
--- 75,91 ----
new DenyOverridesPolicyAlg());
+ algMap.put(DenyOverridesRuleAlg.orderedAlgId,
+ new DenyOverridesRuleAlg());
+ algMap.put(DenyOverridesPolicyAlg.orderedAlgId,
+ new DenyOverridesPolicyAlg());
+
algMap.put(PermitOverridesRuleAlg.algId,
new PermitOverridesRuleAlg());
algMap.put(PermitOverridesPolicyAlg.algId,
+ new PermitOverridesPolicyAlg());
+
+ algMap.put(PermitOverridesRuleAlg.orderedAlgId,
+ new PermitOverridesRuleAlg());
+ algMap.put(PermitOverridesPolicyAlg.orderedAlgId,
new PermitOverridesPolicyAlg());
Index: DenyOverridesPolicyAlg.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine/DenyOverridesPolicyAlg.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** DenyOverridesPolicyAlg.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- DenyOverridesPolicyAlg.java 14 Aug 2003 22:56:48 -0000 1.2
***************
*** 55,59 ****
* This is the standard Deny Overrides policy combining algorithm. It
* allows a single evaluation of Deny to take precedence over any number
! * of permit, not applicable or indeterminate results.
*
* @author Seth Proctor
--- 55,61 ----
* This is the standard Deny Overrides policy combining algorithm. It
* allows a single evaluation of Deny to take precedence over any number
! * of permit, not applicable or indeterminate results. Note that since
! * this implementation does an ordered evaluation, this class also
! * supports the Ordered Deny Overrides algorithm.
*
* @author Seth Proctor
***************
*** 68,71 ****
--- 70,80 ----
"urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:" +
"deny-overrides";
+
+ /**
+ * The standard URN used to identify the ordered version of this algorithm
+ */
+ public static final String orderedAlgId =
+ "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:" +
+ "ordered-deny-overrides";
/**
Index: DenyOverridesRuleAlg.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine/DenyOverridesRuleAlg.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** DenyOverridesRuleAlg.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- DenyOverridesRuleAlg.java 14 Aug 2003 22:56:48 -0000 1.2
***************
*** 52,56 ****
* This is the standard Deny Overrides rule combining algorithm. It
* allows a single evaluation of Deny to take precedence over any number
! * of permit, not applicable or indeterminate results.
*
* @author Seth Proctor
--- 52,58 ----
* This is the standard Deny Overrides rule combining algorithm. It
* allows a single evaluation of Deny to take precedence over any number
! * of permit, not applicable or indeterminate results. Note that since
! * this implementation does an ordered evaluation, this class also
! * supports the Ordered Deny Overrides algorithm.
*
* @author Seth Proctor
***************
*** 65,68 ****
--- 67,77 ----
"urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:" +
"deny-overrides";
+
+ /**
+ * The standard URN used to identify the ordered version of this algorithm
+ */
+ public static final String orderedAlgId =
+ "urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:" +
+ "ordered-deny-overrides";
/**
Index: PermitOverridesPolicyAlg.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine/PermitOverridesPolicyAlg.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** PermitOverridesPolicyAlg.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- PermitOverridesPolicyAlg.java 14 Aug 2003 22:56:48 -0000 1.2
***************
*** 55,59 ****
* This is the standard Permit Overrides policy combining algorithm. It
* allows a single evaluation of Permit to take precedence over any number
! * of deny, not applicable or indeterminate results.
*
* @author Seth Proctor
--- 55,61 ----
* This is the standard Permit Overrides policy combining algorithm. It
* allows a single evaluation of Permit to take precedence over any number
! * of deny, not applicable or indeterminate results. Note that since
! * this implementation does an ordered evaluation, this class also
! * supports the Ordered Permit Overrides algorithm.
*
* @author Seth Proctor
***************
*** 68,71 ****
--- 70,80 ----
"urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:" +
"permit-overrides";
+
+ /**
+ * The standard URN used to identify the ordered version of this algorithm
+ */
+ public static final String orderedAlgId =
+ "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:" +
+ "ordered-permit-overrides";
/**
Index: PermitOverridesRuleAlg.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine/PermitOverridesRuleAlg.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** PermitOverridesRuleAlg.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- PermitOverridesRuleAlg.java 14 Aug 2003 22:56:48 -0000 1.2
***************
*** 52,56 ****
* This is the standard Permit Overrides rule combining algorithm. It
* allows a single evaluation of Permit to take precedence over any number
! * of deny, not applicable or indeterminate results.
*
* @author Seth Proctor
--- 52,58 ----
* This is the standard Permit Overrides rule combining algorithm. It
* allows a single evaluation of Permit to take precedence over any number
! * of deny, not applicable or indeterminate results. Note that since
! * this implementation does an ordered evaluation, this class also
! * supports the Ordered Permit Overrides algorithm.
*
* @author Seth Proctor
***************
*** 65,68 ****
--- 67,77 ----
"urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:" +
"permit-overrides";
+
+ /**
+ * The standard URN used to identify the ordered version of this algorithm
+ */
+ public static final String orderedAlgId =
+ "urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:" +
+ "ordered-permit-overrides";
/**
Index: RuleCombiningAlgorithm.java
===================================================================
RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine/RuleCombiningAlgorithm.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** RuleCombiningAlgorithm.java 13 Feb 2003 22:19:10 -0000 1.1.1.1
--- RuleCombiningAlgorithm.java 14 Aug 2003 22:56:48 -0000 1.2
***************
*** 54,58 ****
/**
! * Combines the policies based on the context to produce some unified
* result. This is the one function of a combining algorithm.
*
--- 54,58 ----
/**
! * Combines the rules based on the context to produce some unified
* result. This is the one function of a combining algorithm.
*
|
