Examples of com.sun.xacml.AbstractPolicy

com.sun.xacml.AbstractPolicy
Represents an instance of an XACML policy. @since 1.0 @author Seth Proctor @author Marco Barreno

    public Result combine(EvaluationCtx context, List<CombinerParameter> parameters,
            List<? extends CombinerElement> policyElements) {
        Iterator<? extends CombinerElement> it = policyElements.iterator();


        while (it.hasNext()) {
            AbstractPolicy policy = ((PolicyCombinerElement) (it.next())).getPolicy();


            // make sure that the policy matches the context
            MatchResult match = policy.match(context);


            if (match.getResult() == MatchResult.INDETERMINATE)
                return new Result(Result.DECISION_INDETERMINATE, match.getStatus(), context
                        .getResourceId().encode());


            if (match.getResult() == MatchResult.MATCH) {
                // evaluate the policy
                Result result = policy.evaluate(context);
                int effect = result.getDecision();


                // in the case of PERMIT, DENY, or INDETERMINATE, we always
                // just return that result, so only on a rule that doesn't
                // apply do we keep going...

View Full Code Here

        Set<Obligation> denyObligations = new HashSet<Obligation>();
        Status firstIndeterminateStatus = null;
        Iterator<? extends CombinerElement> it = policyElements.iterator();


        while (it.hasNext()) {
            AbstractPolicy policy = ((PolicyCombinerElement) (it.next())).getPolicy();


            // make sure that the policy matches the context
            MatchResult match = policy.match(context);


            if (match.getResult() == MatchResult.INDETERMINATE) {
                atLeastOneError = true;


                // keep track of the first error, regardless of cause
                if (firstIndeterminateStatus == null)
                    firstIndeterminateStatus = match.getStatus();
            } else if (match.getResult() == MatchResult.MATCH) {
                // now we evaluate the policy
                Result result = policy.evaluate(context);
                int effect = result.getDecision();


                // this is a little different from DenyOverrides...


                if (effect == Result.DECISION_PERMIT)

View Full Code Here

    public void init(PolicyFinder finder) {
        PolicyReader reader = new PolicyReader(finder, logger, schemaFile);


        for (String fname : fileNames) {
            try {
                AbstractPolicy policy = reader.readPolicy(new FileInputStream(fname));
                policies.addPolicy(policy);
            } catch (FileNotFoundException fnfe) {
                if (logger.isLoggable(Level.WARNING))
                    logger.log(Level.WARNING, "File couldn't be read: " + fname, fnfe);
            } catch (ParsingException pe) {

View Full Code Here

     * 
     * @return the result of trying to find an applicable policy
     */
    public PolicyFinderResult findPolicy(EvaluationCtx context) {
        try {
            AbstractPolicy policy = policies.getPolicy(context);
            if (policy == null)
                return new PolicyFinderResult();
            else
                return new PolicyFinderResult(policy);
        } catch (TopLevelPolicyException tlpe) {

View Full Code Here

     * @param indenter
     *            an object that creates indentation strings
     */
    public void encode(OutputStream output, Indenter indenter) {
        if (!getParameters().isEmpty()) {
            AbstractPolicy policy = getPolicy();


            // FIXME: This is ugly and happens in several places...maybe this
            // should get folded into the AbstractPolicy API?
            if (policy instanceof Policy) {
                encodeParamaters(output, indenter, "Policy", policy.getId().toString());
            } else if (policy instanceof PolicySet) {
                encodeParamaters(output, indenter, "PolicySet", policy.getId().toString());
            } else {
                PolicyReference ref = (PolicyReference) policy;
                if (ref.getReferenceType() == PolicyReference.POLICY_REFERENCE)
                    encodeParamaters(output, indenter, "Policy", ref.getReference().toString());
                else

View Full Code Here

        boolean atLeastOnePermit = false;
        Set<Obligation> permitObligations = new HashSet<Obligation>();
        Iterator<? extends CombinerElement> it = policyElements.iterator();


        while (it.hasNext()) {
            AbstractPolicy policy = ((PolicyCombinerElement) (it.next())).getPolicy();


            // make sure that the policy matches the context
            MatchResult match = policy.match(context);


            if (match.getResult() == MatchResult.INDETERMINATE)
                return new Result(Result.DECISION_DENY, context.getResourceId().encode());


            if (match.getResult() == MatchResult.MATCH) {
                // evaluate the policy
                Result result = policy.evaluate(context);
                int effect = result.getDecision();


                // unlike in the RuleCombining version of this alg, we always
                // return DENY if any Policy returns DENY or INDETERMINATE
                if ((effect == Result.DECISION_DENY) || (effect == Result.DECISION_INDETERMINATE))

View Full Code Here

     *             if the policy cannot be loaded
     */
    public void setPolicies(String policyFile) throws Exception {
        policies.clear();


        AbstractPolicy policy = loadPolicy(policyFile, finder);
        if (policy == null)
            throw new Exception("failed to load policy");


        policies.add(policy);
    }

View Full Code Here

        Iterator<String> it = policyFiles.iterator();


        policies.clear();


        while (it.hasNext()) {
            AbstractPolicy policy = loadPolicy(it.next(), finder);
            if (policy == null)
                throw new Exception("failed to load policy");


            policies.add(policy);
        }

View Full Code Here

     *            the evaluation context
     * 
     * @return an applicable policy, if one exists, or an error
     */
    public PolicyFinderResult findPolicy(EvaluationCtx context) {
        AbstractPolicy selectedPolicy = null;
        Iterator<AbstractPolicy> it = policies.iterator();


        // iterate through all the policies we currently have loaded
        while (it.hasNext()) {
            AbstractPolicy policy = it.next();
            MatchResult match = policy.match(context);
            int result = match.getResult();


            // if target matching was indeterminate, then return the error
            if (result == MatchResult.INDETERMINATE)
                return new PolicyFinderResult(match.getStatus());

View Full Code Here

            fileName = policyRefPrefix + fileName;
        else
            fileName = policySetRefPrefix + fileName;


        // load the referenced policy
        AbstractPolicy policy = loadPolicy(fileName, finder);


        // if there was an error loading the policy, return the error
        if (policy == null) {
            ArrayList<String> code = new ArrayList<String>();
            code.add(Status.STATUS_PROCESSING_ERROR);

View Full Code Here

0 1 2 3 4 5 6 7

TOP

Related Classes of com.sun.xacml.AbstractPolicy

com.sun.xacml.combine.CombiningAlgFactory

com.sun.xacml.combine.DenyOverridesPolicyAlg

com.sun.xacml.combine.FirstApplicablePolicyAlg

com.sun.xacml.combine.OnlyOneApplicablePolicyAlg

com.sun.xacml.combine.PermitOverridesPolicyAlg

com.sun.xacml.combine.PolicyCombinerElement

com.sun.xacml.ctx.Result

com.sun.xacml.support.finder.BasicPolicyFinderModule

com.sun.xacml.support.finder.FilePolicyModule

com.sun.xacml.support.finder.PolicyCollection

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.