Package org.jboss.security.xacml.sunxacml.ctx

Examples of org.jboss.security.xacml.sunxacml.ctx.Result

241
242
243
244
245
246
247
248
249
250
         InputStream responseStream = new FileInputStream(responseFile);
         if(responseStream  == null)
            throw new IllegalStateException("responseStream for IID0"+ i + " is null");
         ResponseCtx expectedResponse = ResponseCtx.getInstance(responseStream);

         Result actualResult = (Result) actualResponse.getResults().iterator().next();
         Result expectedResult = (Result) expectedResponse.getResults().iterator().next();
         assertEquals("IID0"+i, expectedResult.getDecision(),actualResult.getDecision());
      }
   }
View Full Code Here
278
279
280
281
282
283
284
285
286
287
         InputStream responseStream = new FileInputStream(responseFile);
         if(responseStream  == null)
            throw new IllegalStateException("responseStream for IIE0"+ i + " is null");
         ResponseCtx expectedResponse = ResponseCtx.getInstance(responseStream);

         Result actualResult = (Result) actualResponse.getResults().iterator().next();
         Result expectedResult = (Result) expectedResponse.getResults().iterator().next();
         assertEquals("IIE0"+i, expectedResult.getDecision(),actualResult.getDecision());
      }
   }
View Full Code Here
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
            int result = match.getResult();

            // if there is an error in trying to match any of the targets,
            // we always return INDETERMINATE immediately
            if (result == MatchResult.INDETERMINATE)
                return new Result(Result.DECISION_INDETERMINATE,
                                  match.getStatus(),
                                  context.getResourceId().encode());
           
            if (result == MatchResult.MATCH) {
                // if this isn't the first match, then this is an error
                if (atLeastOne) {
                    List code = new ArrayList();
                    code.add(Status.STATUS_PROCESSING_ERROR);
                    String message = "Too many applicable policies";
                    return new Result(Result.DECISION_INDETERMINATE,
                                      new Status(code, message),
                                      context.getResourceId().encode());
                }

                // if this was the first applicable policy in the set, then
                // remember it for later
                atLeastOne = true;
                selectedPolicy = policy;
            }
        }

        // if we got through the loop and found exactly one match, then
        // we return the evaluation result of that policy
        if (atLeastOne)
            return selectedPolicy.evaluate(context);

        // if we didn't find a matching policy, then we don't apply
        return new Result(Result.DECISION_NOT_APPLICABLE,
                          context.getResourceId().encode());
    }
View Full Code Here
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
            // make sure that the policy matches the context
            MatchResult match = policy.match(context);

            if (match.getResult() == MatchResult.INDETERMINATE)
                return new Result(Result.DECISION_INDETERMINATE,
                                  match.getStatus(),
                                  context.getResourceId().encode());

            if (match.getResult() == MatchResult.MATCH) {
                // evaluate the policy
                Result result = policy.evaluate(context);
                int effect = result.getDecision();
               
                // in the case of PERMIT, DENY, or INDETERMINATE, we always
                // just return that result, so only on a rule that doesn't
                // apply do we keep going...
                if (effect != Result.DECISION_NOT_APPLICABLE)
                    return result;
            }
        }

        // if we got here, then none of the rules applied
        return new Result(Result.DECISION_NOT_APPLICABLE,
                          context.getResourceId().encode());
    }
View Full Code Here
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
    public Result combine(EvaluationCtx context, List parameters,
                          List ruleElements) {
        boolean atLeastOneError = false;
        boolean potentialDeny = false;
        boolean atLeastOnePermit = false;
        Result firstIndeterminateResult = null;
        Iterator it = ruleElements.iterator();

        while (it.hasNext()) {
            Rule rule = ((RuleCombinerElement)(it.next())).getRule();
            Result result = rule.evaluate(context);
            int value = result.getDecision();
           
            logger.log(Level.FINE, "Rule id:"+rule.getId().toASCIIString()+":result="+value);
           
            // if there was a value of DENY, then regardless of what else
            // we've seen, we always return DENY
            if (value == Result.DECISION_DENY)
                return result;
           
            // if it was INDETERMINATE, then we couldn't figure something
            // out, so we keep track of these cases...
            if (value == Result.DECISION_INDETERMINATE) {
                atLeastOneError = true;

                // there are no rules about what to do if multiple cases
                // cause errors, so we'll just return the first one
                if (firstIndeterminateResult == null)
                    firstIndeterminateResult = result;

                // if the Rule's effect is DENY, then we can't let this
                // alg return PERMIT, since this Rule might have denied
                // if it could do its stuff
                if (rule.getEffect() == Result.DECISION_DENY)
                    potentialDeny = true;
            } else {
                // keep track of whether we had at least one rule that
                // actually pertained to the request
                if (value == Result.DECISION_PERMIT)
                    atLeastOnePermit = true;
            }
        }
       
        // we didn't explicitly DENY, but we might have had some Rule
        // been evaluated, so we have to return INDETERMINATE
        if (potentialDeny)
            return firstIndeterminateResult;
       
        // some Rule said PERMIT, so since nothing could have denied,
        // we return PERMIT
        if (atLeastOnePermit)
            return new Result(Result.DECISION_PERMIT,
                              context.getResourceId().encode());
       
        // we didn't find anything that said PERMIT, but if we had a
        // problem with one of the Rules, then we're INDETERMINATE
        if (atLeastOneError)
            return firstIndeterminateResult;
       
        // if we hit this point, then none of the rules actually applied
        // to us, so we return NOT_APPLICABLE
        return new Result(Result.DECISION_NOT_APPLICABLE,
                          context.getResourceId().encode());
    }
View Full Code Here
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
                // keep track of the first error, regardless of cause
                if (firstIndeterminateStatus == null)
                    firstIndeterminateStatus = match.getStatus();
            } else if (match.getResult() == MatchResult.MATCH) {
                // now we evaluate the policy
                Result result = policy.evaluate(context);
                int effect = result.getDecision();
               
                // this is a little different from DenyOverrides...

                if (effect == Result.DECISION_PERMIT)
                    return result;
               
                if (effect == Result.DECISION_DENY) {
                    atLeastOneDeny = true;
                    denyObligations.addAll(result.getObligations());
                } else if (effect == Result.DECISION_INDETERMINATE) {
                    atLeastOneError = true;

                    // keep track of the first error, regardless of cause
                    if (firstIndeterminateStatus == null)
                        firstIndeterminateStatus = result.getStatus();
                }
            }
        }

        // if we got a DENY, return it
        if (atLeastOneDeny)
            return new Result(Result.DECISION_DENY,
                              context.getResourceId().encode(),
                              denyObligations);
       
        // if we got an INDETERMINATE, return it
        if (atLeastOneError)
            return new Result(Result.DECISION_INDETERMINATE,
                              firstIndeterminateStatus,
                              context.getResourceId().encode());
       
        // if we got here, then nothing applied to us
        return new Result(Result.DECISION_NOT_APPLICABLE,
                          context.getResourceId().encode());
    }
View Full Code Here
93
94
95
96
97
98
99
100
101
102
103
   {
      ResponseCtx response = (ResponseCtx) map.get(XACMLConstants.RESPONSE_CTX);
      if (response != null)
      {
         Set<Result> results = response.getResults();
         Result res = results.iterator().next();
         decision = res.getDecision();
      }
      return decision;

   }
View Full Code Here
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
      ResultType resultType = objectFactory.createResultType();
      ResponseCtx response = (ResponseCtx) map.get(XACMLConstants.RESPONSE_CTX);
      if (response != null)
      {
         //Resource ID
         Result result = (Result) response.getResults().iterator().next();
         resultType.setResourceId(result.getResource());
        
         //Decision
         int decision = result.getDecision();
         switch(decision)
         {
            case 0:
               resultType.setDecision(DecisionType.PERMIT);
               break;
            case 1:
               resultType.setDecision(DecisionType.DENY);
               break;
            case 2:
               resultType.setDecision(DecisionType.INDETERMINATE);
               break;
            case 3:
               resultType.setDecision(DecisionType.NOT_APPLICABLE);
               break;
            default:
               throw new IllegalStateException("Unknown code");
         }
         //Status
         Status status = result.getStatus();
         StatusType statusType = objectFactory.createStatusType();
         StatusCodeType statusCodeType = objectFactory.createStatusCodeType();
         List statusList = status.getCode();
         if(statusList != null && statusList.size() > 0)
         {
            statusCodeType.setValue((String) statusList.get(0));
         }
         statusType.setStatusMessage(status.getMessage());
         statusType.setStatusCode(statusCodeType);
         resultType.setStatus(statusType);
        
         //Obligations
         Set<Obligation> obligationsSet = result.getObligations();
         if(obligationsSet != null)
         {
            for(Obligation obl:obligationsSet)
            {
               ObligationType obType = new ObligationType();
View Full Code Here
TOP

Related Classes of org.jboss.security.xacml.sunxacml.ctx.Result

  • org.jboss.security.xacml.core.JBossResponseContext
  • org.jboss.security.xacml.sunxacml.AbstractPolicy
  • org.jboss.security.xacml.sunxacml.combine.DenyOverridesPolicyAlg
  • org.jboss.security.xacml.sunxacml.combine.DenyOverridesRuleAlg
  • org.jboss.security.xacml.sunxacml.combine.FirstApplicablePolicyAlg
  • org.jboss.security.xacml.sunxacml.combine.FirstApplicableRuleAlg
  • org.jboss.security.xacml.sunxacml.combine.OnlyOneApplicablePolicyAlg
  • org.jboss.security.xacml.sunxacml.combine.PermitOverridesPolicyAlg
  • org.jboss.security.xacml.sunxacml.combine.PermitOverridesRuleAlg
  • org.jboss.security.xacml.sunxacml.Indenter
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.