result = context.getSubjectAttribute(type, id, issuer, subjectCategory); break; case RESOURCE_TARGET: result = context.getResourceAttribute(type, id, issuer); break; case ACTION_TARGET: result = context.getActionAttribute(type, id, issuer); break; case ENVIRONMENT_TARGET: result = context.getEnvironmentAttribute(type, id, issuer); break;
/** * Handles requests for the current Date. */ private EvaluationResult handleDate(URI type, URI issuer, EvaluationCtx context) { // make sure they're asking for a date attribute if (! type.toString().equals(DateAttribute.identifier)) return new EvaluationResult(BagAttribute. createEmptyBag(type)); // get the value from the context return makeBag(context.getCurrentDate()); }
/** * Handles requests for the current DateTime. */ private EvaluationResult handleDateTime(URI type, URI issuer, EvaluationCtx context) { // make sure they're asking for a dateTime attribute if (! type.toString().equals(DateTimeAttribute.identifier)) return new EvaluationResult(BagAttribute. createEmptyBag(type)); // get the value from the context return makeBag(context.getCurrentDateTime()); }
/** * Applies the combining rule to the set of rules based on the * evaluation context. * * @param context the context from the request * @param parameters a (possibly empty) non-null <code>List</code> of * <code>CombinerParameter<code>s * @param ruleElements the rules to combine * * @return the result of running the combining algorithm */ public Result combine(EvaluationCtx context, List parameters, List ruleElements) { Iterator it = ruleElements.iterator(); while (it.hasNext()) { Rule rule = ((RuleCombinerElement)(it.next())).getRule(); Result result = rule.evaluate(context); int value = result.getDecision(); // in the case of PERMIT, DENY, or INDETERMINATE, we always // just return that result, so only on a rule that doesn't // apply do we keep going... if (value != Result.DECISION_NOT_APPLICABLE) return result; } // if we got here, then none of the rules applied return new Result(Result.DECISION_NOT_APPLICABLE, context.getResourceId().encode()); }
public static String getPid(EvaluationCtx context) { EvaluationResult attribute = context.getResourceAttribute(STRING_ATTRIBUTE, Constants.OBJECT.PID.attributeId, null); BagAttribute element = getAttributeFromEvaluationResult(attribute); if (element == null) { logger.debug("PolicyFinderModule:getPid exit on can't get pid on request callback"); return null; } if (!(element.getType().equals(STRING_ATTRIBUTE))) { logger.debug("PolicyFinderModule:getPid exit on couldn't get pid from xacml request non-string returned"); return null; } return (element.size() == 1) ? (String) element.getValue() : null; }
if (context.getScope() != EvaluationCtx.SCOPE_IMMEDIATE) { AttributeValue parent = context.getResourceId(); ResourceFinderResult resourceResult = null; if (context.getScope() == EvaluationCtx.SCOPE_CHILDREN) resourceResult = resourceFinder.findChildResources(parent, context); ResponseCtx(new Result(Result.DECISION_INDETERMINATE, new Status(code, msg), context.getResourceId().encode())); context.setResourceId(resource);
private final String getContextId(EvaluationCtx context) { final URI contextIdType = STRING_ATTRIBUTE_TYPE_URI; final URI contextIdId = Constants.ACTION.CONTEXT_ID.attributeId; logger.debug("ContextAttributeFinder:findAttribute about to call getAttributeFromEvaluationCtx"); EvaluationResult attribute = context.getActionAttribute(contextIdType, contextIdId, null); Object element = getAttributeFromEvaluationResult(attribute); if (element == null) { logger.debug("ContextAttributeFinder:getContextId exit on can't get contextId on request callback"); return null; } if (!(element instanceof StringAttribute)) { logger.debug("ContextAttributeFinder:getContextId exit on couldn't get contextId from xacml request non-string returned"); return null; } String contextId = ((StringAttribute) element).getValue(); if (contextId == null) { logger.debug("ContextAttributeFinder:getContextId exit on null contextId"); return null; } if (!validContextId(contextId)) { logger.debug("ContextAttributeFinder:getContextId exit on invalid context-id"); return null; } return contextId; }
context.getSubjectAttribute(STRING_DATATYPE, userId, category); if (userER == null) { return new EvaluationResult(BagAttribute
/** * Handles requests for the current Time. */ private EvaluationResult handleTime(URI type, URI issuer, EvaluationCtx context) { // make sure they're asking for a time attribute if (! type.toString().equals(TimeAttribute.identifier)) return new EvaluationResult(BagAttribute. createEmptyBag(type)); // get the value from the context return makeBag(context.getCurrentTime()); }
EvaluationResult result = context.getAttribute(contextPath, policyRoot, type, xpathVersion);
return new Result(Result.DECISION_INDETERMINATE, match.getStatus(), context.getResourceId().encode()); return new Result(Result.DECISION_INDETERMINATE, new Status(code, message), context.getResourceId().encode()); context.getResourceId().encode());
public static String getPid(EvaluationCtx context) { EvaluationResult attribute = context.getResourceAttribute(STRING_ATTRIBUTE, Constants.OBJECT.PID.attributeId, null); BagAttribute element = getAttributeFromEvaluationResult(attribute); if (element == null) { logger.debug("PolicyFinderModule:getPid exit on can't get pid on request callback"); return null; } if (!(element.getType().equals(STRING_ATTRIBUTE))) { logger.debug("PolicyFinderModule:getPid exit on couldn't get pid from xacml request non-string returned"); return null; } return (element.size() == 1) ? (String) element.getValue() : null; }
private final String getContextId(EvaluationCtx context) { final URI contextIdType = STRING_ATTRIBUTE_TYPE_URI; final URI contextIdId = Constants.ACTION.CONTEXT_ID.attributeId; logger.debug("ContextAttributeFinder:findAttribute about to call getAttributeFromEvaluationCtx"); EvaluationResult attribute = context.getActionAttribute(contextIdType, contextIdId, null); Object element = getAttributeFromEvaluationResult(attribute); if (element == null) { logger.debug("ContextAttributeFinder:getContextId exit on can't get contextId on request callback"); return null; } if (!(element instanceof StringAttribute)) { logger.debug("ContextAttributeFinder:getContextId exit on couldn't get contextId from xacml request non-string returned"); return null; } String contextId = ((StringAttribute) element).getValue(); if (contextId == null) { logger.debug("ContextAttributeFinder:getContextId exit on null contextId"); return null; } if (!validContextId(contextId)) { logger.debug("ContextAttributeFinder:getContextId exit on invalid context-id"); return null; } return contextId; }
for (String attributeId : im.keySet()) { EvaluationResult result = eval.getSubjectAttribute(new URI(im.get(attributeId)), new URI(attributeId), defaultCategoryURI); for (String attributeId : im.keySet()) { EvaluationResult result = eval.getResourceAttribute(new URI(im.get(attributeId)), new URI(attributeId), null); for (String attributeId : im.keySet()) { EvaluationResult result = eval.getActionAttribute(new URI(im.get(attributeId)), new URI(attributeId), null); URI attrId = new URI(attributeId); EvaluationResult result = eval.getEnvironmentAttribute(imAttrId, attrId, null); if (result.getStatus() == null && !result.indeterminate()) { AttributeValue attr = result.getAttributeValue();
context.getResourceId().encode()); (effect == Result.DECISION_INDETERMINATE)) return new Result(Result.DECISION_DENY, context.getResourceId().encode(), result.getObligations()); context.getResourceId().encode(), permitObligations); else return new Result(Result.DECISION_NOT_APPLICABLE, context.getResourceId().encode());
private final String getDatastreamId(EvaluationCtx context) { EvaluationResult attribute = context.getResourceAttribute(STRING_ATTRIBUTE_TYPE_URI, Constants.DATASTREAM.ID.attributeId, null); Object element = getAttributeFromEvaluationResult(attribute); if (element == null) { logger.debug("getDatastreamId: exit on can't get resource-id on request callback"); return null; } if (!(element instanceof StringAttribute)) { logger.debug("getDatastreamId: exit on " + "couldn't get resource-id from xacml request " + "non-string returned"); return null; } String datastreamId = ((StringAttribute) element).getValue(); if (datastreamId == null) { logger.debug("getDatastreamId: exit on null resource-id"); return null; } if (!validDatastreamId(datastreamId)) { logger.debug("invalid resource-id: datastreamId is not valid"); return null; } return datastreamId; }
int designatorType) { String resourceId = context.getResourceId().encode(); if (resourceId == null || resourceId.isEmpty()) { String pid = PolicyFinderModule.getPid(context);
private final String getDatastreamId(EvaluationCtx context) { EvaluationResult attribute = context.getResourceAttribute(STRING_ATTRIBUTE_TYPE_URI, Constants.DATASTREAM.ID.attributeId, null); Object element = getAttributeFromEvaluationResult(attribute); if (element == null) { logger.debug("getDatastreamId: exit on can't get resource-id on request callback"); return null; } if (!(element instanceof StringAttribute)) { logger.debug("getDatastreamId: exit on " + "couldn't get resource-id from xacml request " + "non-string returned"); return null; } String datastreamId = ((StringAttribute) element).getValue(); if (datastreamId == null) { logger.debug("getDatastreamId: exit on null resource-id"); return null; } if (!validDatastreamId(datastreamId)) { logger.debug("invalid resource-id: datastreamId is not valid"); return null; } return datastreamId; }
int designatorType) { String resourceId = context.getResourceId().encode(); if (resourceId == null || resourceId.isEmpty()) { String pid = PolicyFinderModule.getPid(context);
int designatorType) { String resourceId = context.getResourceId().encode(); if (logger.isDebugEnabled()) { logger.debug("RIAttributeFinder: [" + attributeType.toString() + "] "