Merge branch 'release/13.1.0'

.travis.yml

 language: java
 jdk:
   - openjdk8
+  
+after_success:
+- bash <(curl -s https://codecov.io/bash)

CHANGELOG.md

@@ -6,6 +6,25 @@ All notable changes to this project are documented in this file following the [K
 - Issues reported on [OW2's JIRA](https://jira.ow2.org/browse/AUTHZFORCE/) are referenced in the form of `[JIRA-N]`, where N is the issue number.
 - Issues reported on [OW2's GitLab](https://gitlab.ow2.org/authzforce/core/issues) are referenced in the form of `[GL-N]`, where N is the issue number.
 
+## 13.1.0
+### Changed
+- Maven parent project version: 7.3.0
+- Maven dependencies:
+  - authzforce-ce-core-pdp-api: 15.1.0
+  - Spring: 4.3.14.RELEASE
+  - logback-classic: 1.2.3
+  - authzforce-ce-xacml-json-model: 2.0.0
+   
+### Fixed
+- Fixed #13: changed pdp-testutils module's dependencies: 
+  - mongo-java-driver: 2.14.12 -> 3.5.0
+  - jongo: 1.3.0 -> 1.4.0
+
+### Added
+- PDP configuration schema (`pdp.xsd`) / StaticRefPolicyProvider XML type: 
+  - Added support for recursive directory searching of policies, e.g. pattern '.../*/*.xml' for searching on two directory levels
+  - Added option to ignore old versions (keep only the latest) when multiple versions of same policy ID found: `ignoreOldVersions=true`
+
 
 ## 13.0.0 
 ### Changed

pdp-cli/pom.xml

@@ -3,7 +3,7 @@
    <parent>
       <groupId>org.ow2.authzforce</groupId>
       <artifactId>authzforce-ce-core</artifactId>
-      <version>13.0.0</version>
+      <version>13.1.0</version>
       <relativePath>..</relativePath>
    </parent>
    <artifactId>authzforce-ce-core-pdp-cli</artifactId>
@@ -30,12 +30,12 @@
       <dependency>
          <groupId>org.ow2.authzforce</groupId>
          <artifactId>authzforce-ce-core-pdp-engine</artifactId>
-         <version>13.0.0</version>
+         <version>13.1.0</version>
       </dependency>
       <dependency>
          <groupId>org.ow2.authzforce</groupId>
          <artifactId>authzforce-ce-core-pdp-io-xacml-json</artifactId>
-         <version>13.0.0</version>
+         <version>13.1.0</version>
       </dependency>
       <dependency>
          <groupId>org.testng</groupId>
@@ -46,7 +46,7 @@
       <dependency>
          <groupId>org.ow2.authzforce</groupId>
          <artifactId>authzforce-ce-core-pdp-testutils</artifactId>
-         <version>13.0.0</version>
+         <version>13.1.0</version>
          <scope>test</scope>
       </dependency>
    </dependencies>

pdp-cli/src/main/java/org/ow2/authzforce/core/pdp/cli/PdpCommandLineCallable.java

@@ -27,9 +27,6 @@ import java.util.concurrent.Callable;
 
 import javax.xml.bind.Marshaller;
 
-import oasis.names.tc.xacml._3_0.core.schema.wd_17.Request;
-import oasis.names.tc.xacml._3_0.core.schema.wd_17.Response;
-
 import org.json.JSONObject;
 import org.json.JSONTokener;
 import org.ow2.authzforce.core.pdp.api.DecisionRequestPreprocessor;
@@ -44,8 +41,10 @@ import org.ow2.authzforce.core.pdp.io.xacml.json.BaseXacmlJsonResultPostprocesso
 import org.ow2.authzforce.core.pdp.io.xacml.json.IndividualXacmlJsonRequest;
 import org.ow2.authzforce.core.pdp.io.xacml.json.SingleDecisionXacmlJsonRequestPreprocessor;
 import org.ow2.authzforce.xacml.Xacml3JaxbHelper;
-import org.ow2.authzforce.xacml.json.model.Xacml3JsonUtils;
+import org.ow2.authzforce.xacml.json.model.XacmlJsonUtils;
 
+import oasis.names.tc.xacml._3_0.core.schema.wd_17.Request;
+import oasis.names.tc.xacml._3_0.core.schema.wd_17.Response;
 import picocli.CommandLine;
 import picocli.CommandLine.Command;
 import picocli.CommandLine.Option;
@@ -68,23 +67,25 @@ public final class PdpCommandLineCallable implements Callable<Void>
 	/*
 	 * WARNING: do not make picocli-annoated fields final here! Known issue: https://github.com/remkop/picocli/issues/68. Planned to be fixed in release 2.1.0.
 	 */
-	@Option(names = { "-t", "--type" }, description = "Type of XACML request/response: 'XACML_XML' for XACML 3.0/XML (XACML core specification), 'XACML_JSON' for XACML 3.0/JSON (JSON Profile of XACML 3.0)")
-	private RequestType requestType = RequestType.XACML_XML;
+	@Option(names = { "-t",
+	        "--type" }, description = "Type of XACML request/response: 'XACML_XML' for XACML 3.0/XML (XACML core specification), 'XACML_JSON' for XACML 3.0/JSON (JSON Profile of XACML 3.0)")
+	private final RequestType requestType = RequestType.XACML_XML;
 
 	@Parameters(index = "0", description = "Path to PDP configuration file, valid against schema located at https://github.com/authzforce/core/blob/release-X.Y.Z/pdp-engine/src/main/resources/pdp.xsd (X.Y.Z is the version provided by -v option)")
 	private File confFile;
 
 	@Option(names = { "-c", "--catalog" }, description = "Path to XML catalog for resolving schemas used in extensions XSD specified by -e option, required only if -e specified")
-	private String catalogLocation = null;
+	private final String catalogLocation = null;
 
-	@Option(names = { "-e", "--extensions" }, description = "Path to extensions XSD (contains XSD namespace imports for all extensions used in the PDP configuration), required only if using any extension in the PDP configuration file")
-	private String extensionXsdLocation = null;
+	@Option(names = { "-e",
+	        "--extensions" }, description = "Path to extensions XSD (contains XSD namespace imports for all extensions used in the PDP configuration), required only if using any extension in the PDP configuration file")
+	private final String extensionXsdLocation = null;
 
 	@Parameters(index = "1", description = "XACML Request (format determined by -t option)")
 	private File reqFile;
 
 	@Option(names = { "-p", "--prettyprint" }, description = "Pretty-print output with line feeds and indentation")
-	private boolean formattedOutput = false;
+	private final boolean formattedOutput = false;
 
 	@Override
 	public Void call() throws Exception
@@ -104,17 +105,17 @@ public final class PdpCommandLineCallable implements Callable<Void>
 						throw new IllegalArgumentException("Invalid XACML JSON Request file: " + reqFile + ". Expected root key: \"Request\"");
 					}
 
-					Xacml3JsonUtils.REQUEST_SCHEMA.validate(jsonRequest);
+					XacmlJsonUtils.REQUEST_SCHEMA.validate(jsonRequest);
 				}
 
 				final DecisionResultPostprocessor<IndividualXacmlJsonRequest, JSONObject> defaultResultPostproc = new BaseXacmlJsonResultPostprocessor(
-						configuration.getClientRequestErrorVerbosityLevel());
+				        configuration.getClientRequestErrorVerbosityLevel());
 				final DecisionRequestPreprocessor<JSONObject, IndividualXacmlJsonRequest> defaultReqPreproc = SingleDecisionXacmlJsonRequestPreprocessor.LaxVariantFactory.INSTANCE.getInstance(
-						configuration.getAttributeValueFactoryRegistry(), configuration.isStrictAttributeIssuerMatchEnabled(), configuration.isXpathEnabled(), XmlUtils.SAXON_PROCESSOR,
-						defaultResultPostproc.getFeatures());
+				        configuration.getAttributeValueFactoryRegistry(), configuration.isStrictAttributeIssuerMatchEnabled(), configuration.isXpathEnabled(), XmlUtils.SAXON_PROCESSOR,
+				        defaultResultPostproc.getFeatures());
 
 				final PdpEngineInoutAdapter<JSONObject, JSONObject> jsonPdpEngineAdapter = PdpEngineAdapters.newInoutAdapter(JSONObject.class, JSONObject.class, configuration, defaultReqPreproc,
-						defaultResultPostproc);
+				        defaultResultPostproc);
 				final JSONObject jsonResponse = jsonPdpEngineAdapter.evaluate(jsonRequest);
 				System.out.println(jsonResponse.toString(formattedOutput ? 4 : 0));
 				break;

pdp-engine/pom.xml

@@ -3,7 +3,7 @@
 	<parent>
 		<groupId>org.ow2.authzforce</groupId>
 		<artifactId>authzforce-ce-core</artifactId>
-		<version>13.0.0</version>
+		<version>13.1.0</version>
 		<relativePath>..</relativePath>
 	</parent>
 	<artifactId>authzforce-ce-core-pdp-engine</artifactId>

pdp-engine/src/main/resources/saxon.xml

@@ -35,7 +35,6 @@
       preEvaluateDoc="false"
       serializerFactory=""
       errorListener="net.sf.saxon.lib.StandardErrorListener"
-      traceListener="net.sf.saxon.trace.XSLTTraceListener"
       usePiDisableOutputEscaping="false"
       validationWarnings="true" />
    <serialization
@@ -92,7 +91,7 @@
       stylesheetParser="">
    </xslt>
    <xquery
-      version="1.1"
+      version="3.1"
       allowUpdate="false"
       errorListener="net.sf.saxon.StandardErrorListener"
       moduleUriResolver="net.sf.saxon.lib.StandardModuleURIResolver"
@@ -103,12 +102,5 @@
       defaultElementNamespace=""
       preserveBoundarySpace="false"
       requiredContextItemType="document-node()"
-      emptyLeast="true" />
-      
-      <!-- XSD occurrenceLimits property is not considered valid by SAXON 9.6 although it is in the doc:
-      http://www.saxonica.com/documentation9.6/index.html#!configuration/configuration-file/config-xsd 
-      Bug reported here: https://saxonica.plan.io/issues/2731
-      -->
-  <xsd
-      version="1.1" />    
+      emptyLeast="true" />   
 </configuration>
\ No newline at end of file

pdp-io-xacml-json/pom.xml

@@ -3,7 +3,7 @@
    <parent>
       <groupId>org.ow2.authzforce</groupId>
       <artifactId>authzforce-ce-core</artifactId>
-      <version>13.0.0</version>
+      <version>13.1.0</version>
       <relativePath>..</relativePath>
    </parent>
    <artifactId>authzforce-ce-core-pdp-io-xacml-json</artifactId>
@@ -21,7 +21,7 @@
       <dependency>
          <groupId>org.ow2.authzforce</groupId>
          <artifactId>authzforce-ce-xacml-json-model</artifactId>
-         <version>1.1.0</version>
+         <version>2.0.0</version>
       </dependency>
       <dependency>
          <groupId>org.ow2.authzforce</groupId>
@@ -41,7 +41,7 @@
       <dependency>
          <groupId>org.ow2.authzforce</groupId>
          <artifactId>authzforce-ce-core-pdp-testutils</artifactId>
-         <version>13.0.0</version>
+         <version>13.1.0</version>
          <scope>test</scope>
       </dependency>
    </dependencies>

pdp-io-xacml-json/src/main/java/org/ow2/authzforce/core/pdp/io/xacml/json/BaseXacmlJsonRequestPreprocessor.java

@@ -44,7 +44,7 @@ import org.ow2.authzforce.core.pdp.io.xacml.json.XacmlJsonParsingUtils.ContentSk
 import org.ow2.authzforce.core.pdp.io.xacml.json.XacmlJsonParsingUtils.FullXacmlJsonAttributesParserFactory;
 import org.ow2.authzforce.core.pdp.io.xacml.json.XacmlJsonParsingUtils.NamedXacmlJsonAttributeParser;
 import org.ow2.authzforce.xacml.identifiers.XacmlStatusCode;
-import org.ow2.authzforce.xacml.json.model.Xacml3JsonUtils;
+import org.ow2.authzforce.xacml.json.model.XacmlJsonUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -208,7 +208,7 @@ public abstract class BaseXacmlJsonRequestPreprocessor implements DecisionReques
 
 		try
 		{
-			Xacml3JsonUtils.REQUEST_SCHEMA.validate(request);
+			XacmlJsonUtils.REQUEST_SCHEMA.validate(request);
 		}
 		catch (final ValidationException e)
 		{

pdp-io-xacml-json/src/test/java/org/ow2/authzforce/core/pdp/io/xacml/json/test/JsonProfileConformanceV3Test.java

@@ -21,7 +21,6 @@ import java.io.BufferedReader;
 import java.io.FileInputStream;
 import java.io.IOException;
 import java.io.InputStream;
-import java.io.InputStreamReader;
 import java.net.URISyntaxException;
 import java.net.URL;
 import java.nio.charset.StandardCharsets;
@@ -43,7 +42,7 @@ import org.ow2.authzforce.core.pdp.io.xacml.json.BaseXacmlJsonResultPostprocesso
 import org.ow2.authzforce.core.pdp.io.xacml.json.SingleDecisionXacmlJsonRequestPreprocessor;
 import org.ow2.authzforce.core.pdp.testutil.TestUtils;
 import org.ow2.authzforce.xacml.json.model.LimitsCheckingJSONObject;
-import org.ow2.authzforce.xacml.json.model.Xacml3JsonUtils;
+import org.ow2.authzforce.xacml.json.model.XacmlJsonUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.util.ResourceUtils;
@@ -132,11 +131,11 @@ public class JsonProfileConformanceV3Test
 		}
 
 		// normalize responses for comparison
-		final JSONObject normalizedExpectedResponse = Xacml3JsonUtils.canonicalizeResponse(expectedResponse);
-		final JSONObject normalizedActualResponse = Xacml3JsonUtils.canonicalizeResponse(actualResponseFromPDP);
+		final JSONObject normalizedExpectedResponse = XacmlJsonUtils.canonicalizeResponse(expectedResponse);
+		final JSONObject normalizedActualResponse = XacmlJsonUtils.canonicalizeResponse(actualResponseFromPDP);
 		Assert.assertTrue(normalizedActualResponse.similar(normalizedExpectedResponse),
-				"Test '" + testId + "' (StatusMessage/StatusDetail/nested StatusCode elements removed/ignored for comparison): expected: <" + normalizedExpectedResponse + "> ; actual: <"
-						+ normalizedActualResponse + ">");
+		        "Test '" + testId + "' (StatusMessage/StatusDetail/nested StatusCode elements removed/ignored for comparison): expected: <" + normalizedExpectedResponse + "> ; actual: <"
+		                + normalizedActualResponse + ">");
 	}
 
 	public static Collection<Object[]> params(final String testResourcesRootDirectory) throws URISyntaxException, IOException
@@ -176,7 +175,7 @@ public class JsonProfileConformanceV3Test
 		// Response file
 		final Path expectedRespFile = testDirectoryPath.resolve(EXPECTED_RESPONSE_FILENAME_SUFFIX);
 		final JSONObject expectedResponse;
-		try (final BufferedReader reader = new BufferedReader(new InputStreamReader(new FileInputStream(expectedRespFile.toFile()), StandardCharsets.UTF_8)))
+		try (final BufferedReader reader = Files.newBufferedReader(expectedRespFile, StandardCharsets.UTF_8))
 		{
 			expectedResponse = new LimitsCheckingJSONObject(reader, MAX_JSON_STRING_LENGTH, MAX_JSON_CHILDREN_COUNT, MAX_JSON_DEPTH);
 			if (!expectedResponse.has("Response"))
@@ -184,7 +183,7 @@ public class JsonProfileConformanceV3Test
 				throw new IllegalArgumentException("Invalid XACML JSON Response file: " + expectedRespFile + ". Expected root key: \"Response\"");
 			}
 
-			Xacml3JsonUtils.RESPONSE_SCHEMA.validate(expectedResponse);
+			XacmlJsonUtils.RESPONSE_SCHEMA.validate(expectedResponse);
 		}
 
 		// Request file
@@ -198,7 +197,7 @@ public class JsonProfileConformanceV3Test
 				throw new IllegalArgumentException("Invalid XACML JSON Request file: " + reqFile + ". Expected root key: \"Request\"");
 			}
 
-			Xacml3JsonUtils.REQUEST_SCHEMA.validate(jsonRequest);
+			XacmlJsonUtils.REQUEST_SCHEMA.validate(jsonRequest);
 		}
 
 		final Path rootPolicyFile = testDirectoryPath.resolve(ROOT_POLICY_FILENAME_SUFFIX);
@@ -212,9 +211,9 @@ public class JsonProfileConformanceV3Test
 		 * policies) at the moment. If some day, JSON Profile addresses policy format too, then we should do like in ConformanceV3fromV2 class from pdp-testutils package (policy syntax validation).
 		 */
 		final PdpEngineConfiguration pdpEngineConf = TestUtils.newPdpEngineConfiguration(rootPolicyFile.toUri().toURL().toString(),
-				Files.exists(refPoliciesDir) ? refPoliciesDir.toUri().toURL().toString() : null, ENABLE_XPATH,
-				Files.exists(attributeProviderConfFile) ? attributeProviderConfFile.toUri().toURL().toString() : null, SingleDecisionXacmlJsonRequestPreprocessor.LaxVariantFactory.ID,
-				BaseXacmlJsonResultPostprocessor.DefaultFactory.ID);
+		        Files.exists(refPoliciesDir) ? refPoliciesDir.toUri().toURL().toString() : null, ENABLE_XPATH,
+		        Files.exists(attributeProviderConfFile) ? attributeProviderConfFile.toUri().toURL().toString() : null, SingleDecisionXacmlJsonRequestPreprocessor.LaxVariantFactory.ID,
+		        BaseXacmlJsonResultPostprocessor.DefaultFactory.ID);
 		try (final PdpEngineInoutAdapter<JSONObject, JSONObject> pdp = PdpEngineXacmlJsonAdapters.newXacmlJsonInoutAdapter(pdpEngineConf))
 		{
 			// this is an evaluation test with request/response (not a policy syntax check)

pdp-testutils/pom.xml

@@ -3,7 +3,7 @@
    <parent>
       <groupId>org.ow2.authzforce</groupId>
       <artifactId>authzforce-ce-core</artifactId>
-      <version>13.0.0</version>
+      <version>13.1.0</version>
       <relativePath>..</relativePath>
    </parent>
    <artifactId>authzforce-ce-core-pdp-testutils</artifactId>
@@ -23,32 +23,19 @@
       <dependency>
          <groupId>${project.groupId}</groupId>
          <artifactId>${artifactId.prefix}-core-pdp-engine</artifactId>
-         <version>13.0.0</version>
+         <version>13.1.0</version>
       </dependency>
       <dependency>
          <groupId>org.mongodb</groupId>
          <artifactId>mongo-java-driver</artifactId>
          <!-- See this issue for compatibility with Jongo: https://github.com/bguerout/jongo/issues/254 -->
-         <version>2.14.2</version>
+         <!-- Version must match the one defined in Jongo's pom.xml -->
+         <version>3.5.0</version>
       </dependency>
-      <!-- Jongo 1.3.0 depends on Jackson-databind 2.7.3 which is affected by CVE:
-	   https://nvd.nist.gov/vuln/detail/CVE-2018-5968
-	The issue and pull request has been submitted to Jongo project:
-	https://github.com/bguerout/jongo/issues/327
-       Also affected by CVE: https://nvd.nist.gov/vuln/detail/CVE-2018-7489
-      TODO: fix again in jongo dependencies
--->
-<!-- So let's force upgrade to 2.9.5 to fix it -->
-     <dependency>
-	     <groupId>com.fasterxml.jackson.core</groupId>
-	     <artifactId>jackson-databind</artifactId>
-	     <version>2.9.5</version>
-     </dependency>
-
       <dependency>
          <groupId>org.jongo</groupId>
          <artifactId>jongo</artifactId>
-         <version>1.3.0</version>
+         <version>1.4.0</version>
       </dependency>
       <dependency>
          <groupId>junit</groupId>

pdp-testutils/src/main/java/org/ow2/authzforce/core/pdp/testutil/ext/MongoDbRefPolicyProvider.java

@@ -22,7 +22,6 @@ package org.ow2.authzforce.core.pdp.testutil.ext;
 
 import java.io.IOException;
 import java.io.StringReader;
-import java.net.UnknownHostException;
 import java.util.Deque;
 import java.util.Map;
 import java.util.Optional;
@@ -89,11 +88,11 @@ public final class MongoDbRefPolicyProvider extends BaseStaticRefPolicyProvider
 	private final CombiningAlgRegistry combiningAlgRegistry;
 
 	private MongoDbRefPolicyProvider(final String id, final ServerAddress serverAddress, final String dbName, final String collectionName, final XmlnsFilteringParserFactory xacmlParserFactory,
-			final ExpressionFactory expressionFactory, final CombiningAlgRegistry combiningAlgRegistry, final int maxPolicySetRefDepth)
+	        final ExpressionFactory expressionFactory, final CombiningAlgRegistry combiningAlgRegistry, final int maxPolicySetRefDepth)
 	{
 		super(maxPolicySetRefDepth);
 		assert id != null && !id.isEmpty() && dbName != null && !dbName.isEmpty() && collectionName != null && !collectionName.isEmpty() && xacmlParserFactory != null && expressionFactory != null
-				&& combiningAlgRegistry != null;
+		        && combiningAlgRegistry != null;
 
 		this.id = id;
 		this.dbClient = new MongoClient(serverAddress);
@@ -116,13 +115,15 @@ public final class MongoDbRefPolicyProvider extends BaseStaticRefPolicyProvider
 		private static final IllegalArgumentException NULL_CONF_ARGUMENT_EXCEPTION = new IllegalArgumentException("PolicyProvider configuration undefined");
 
 		@Override
-		public Class<MongoDBBasedPolicyProvider> getJaxbClass() {
+		public Class<MongoDBBasedPolicyProvider> getJaxbClass()
+		{
 			return MongoDBBasedPolicyProvider.class;
 		}
 
 		@Override
 		public CloseableRefPolicyProvider getInstance(final MongoDBBasedPolicyProvider conf, final XmlnsFilteringParserFactory xmlParserFactory, final int maxPolicySetRefDepth,
-				final ExpressionFactory expressionFactory, final CombiningAlgRegistry combiningAlgRegistry, final EnvironmentProperties environmentProperties) throws IllegalArgumentException {
+		        final ExpressionFactory expressionFactory, final CombiningAlgRegistry combiningAlgRegistry, final EnvironmentProperties environmentProperties) throws IllegalArgumentException
+		{
 			if (conf == null)
 			{
 				throw NULL_CONF_ARGUMENT_EXCEPTION;
@@ -143,22 +144,16 @@ public final class MongoDbRefPolicyProvider extends BaseStaticRefPolicyProvider
 				throw ILLEGAL_COMBINING_ALG_REGISTRY_ARGUMENT_EXCEPTION;
 			}
 
-			final ServerAddress serverAddress;
-			try
-			{
-				serverAddress = new ServerAddress(conf.getServerHost(), conf.getServerPort());
-			} catch (final UnknownHostException e)
-			{
-				throw new IllegalArgumentException("Invalid database server host", e);
-			}
+			final ServerAddress serverAddress = new ServerAddress(conf.getServerHost(), conf.getServerPort());
 			return new MongoDbRefPolicyProvider(conf.getId(), serverAddress, conf.getDbName(), conf.getCollectionName(), xmlParserFactory, expressionFactory, combiningAlgRegistry,
-					maxPolicySetRefDepth);
+			        maxPolicySetRefDepth);
 		}
 
 	}
 
 	@Override
-	public void close() throws IOException {
+	public void close() throws IOException
+	{
 		this.dbClient.close();
 	}
 
@@ -177,7 +172,8 @@ public final class MongoDbRefPolicyProvider extends BaseStaticRefPolicyProvider
 	}
 
 	private PolicyQueryResult getJaxbPolicyElement(final String policyTypeId, final String policyId, final Optional<PolicyVersionPatterns> policyPolicyVersionPatterns)
-			throws IndeterminateEvaluationException {
+	        throws IndeterminateEvaluationException
+	{
 		final Optional<PolicyVersionPattern> versionPattern;
 		if (policyPolicyVersionPatterns.isPresent())
 		{
@@ -199,7 +195,8 @@ public final class MongoDbRefPolicyProvider extends BaseStaticRefPolicyProvider
 			}
 
 			versionPattern = nonNullPolicyPolicyVersionPatterns.getVersionPattern();
-		} else
+		}
+		else
 		{
 			versionPattern = Optional.empty();
 		}
@@ -216,7 +213,8 @@ public final class MongoDbRefPolicyProvider extends BaseStaticRefPolicyProvider
 			if (versionLiteral != null)
 			{
 				policyPOJO = policyCollection.findOne("{type: #, id: #, version: #}", policyTypeId, policyId, versionLiteral.toString()).as(PolicyPojo.class);
-			} else
+			}
+			else
 			{
 				/*
 				 * versionPattern is not a literal/constant version (contains wildcard '*' or '+') -> convert to PCRE regex for MongoDB server-side evaluation
@@ -224,7 +222,8 @@ public final class MongoDbRefPolicyProvider extends BaseStaticRefPolicyProvider
 				final String regex = "^" + nonNullVersionPattern.toRegex() + "$";
 				policyPOJO = policyCollection.findOne("{type: #, id: #, version: { $regex: # }}", policyTypeId, policyId, regex).as(PolicyPojo.class);
 			}
-		} else
+		}
+		else
 		{
 			// no version pattern specified
 			policyPOJO = policyCollection.findOne("{type: #, id: #}", policyTypeId, policyId).as(PolicyPojo.class);
@@ -239,7 +238,8 @@ public final class MongoDbRefPolicyProvider extends BaseStaticRefPolicyProvider
 		try
 		{
 			xacmlParser = xacmlParserFactory.getInstance();
-		} catch (final JAXBException e)
+		}
+		catch (final JAXBException e)
 		{
 			throw new IndeterminateEvaluationException("PolicyProvider " + id + ": Failed to create JAXB unmarshaller for XACML Policy(Set)", XacmlStatusCode.PROCESSING_ERROR.value(), e);
 		}
@@ -252,18 +252,20 @@ public final class MongoDbRefPolicyProvider extends BaseStaticRefPolicyProvider
 			 * TODO: support more efficient formats of XML content, e.g. gzipped XML, Fast Infoset, EXI.
 			 */
 			resultJaxbObj = xacmlParser.parse(xmlInputSrc);
-		} catch (final JAXBException e)
+		}
+		catch (final JAXBException e)
 		{
 			throw new IndeterminateEvaluationException(
-					"PolicyProvider " + id + ": failed to parse Policy(Set) XML document from 'content' value of the policy document " + policyPOJO + " retrieved from database",
-					XacmlStatusCode.PROCESSING_ERROR.value(), e);
+			        "PolicyProvider " + id + ": failed to parse Policy(Set) XML document from 'content' value of the policy document " + policyPOJO + " retrieved from database",
+			        XacmlStatusCode.PROCESSING_ERROR.value(), e);
 		}
 
 		return new PolicyQueryResult(policyPOJO, resultJaxbObj, xacmlParser.getNamespacePrefixUriMap());
 	}
 
 	@Override
-	public StaticTopLevelPolicyElementEvaluator getPolicy(final String policyId, final Optional<PolicyVersionPatterns> policyPolicyVersionPatterns) throws IndeterminateEvaluationException {
+	public StaticTopLevelPolicyElementEvaluator getPolicy(final String policyId, final Optional<PolicyVersionPatterns> policyPolicyVersionPatterns) throws IndeterminateEvaluationException
+	{
 		/*
 		 * TODO: use a policy cache and check it before requesting the database.
 		 */
@@ -279,8 +281,8 @@ public final class MongoDbRefPolicyProvider extends BaseStaticRefPolicyProvider
 		if (!(jaxbPolicyOrPolicySetObj instanceof Policy))
 		{
 			throw new IndeterminateEvaluationException("PolicyProvider " + id + ": 'content' of the policy document " + policyPOJO
-					+ " retrieved from database is not consistent with its 'type' (expected: Policy). Actual content type: " + jaxbPolicyOrPolicySetObj.getClass() + " (corrupted database?).",
-					XacmlStatusCode.PROCESSING_ERROR.value());
+			        + " retrieved from database is not consistent with its 'type' (expected: Policy). Actual content type: " + jaxbPolicyOrPolicySetObj.getClass() + " (corrupted database?).",
+			        XacmlStatusCode.PROCESSING_ERROR.value());
 		}
 
 		final Policy jaxbPolicy = (Policy) jaxbPolicyOrPolicySetObj;
@@ -288,20 +290,21 @@ public final class MongoDbRefPolicyProvider extends BaseStaticRefPolicyProvider
 		if (!contentPolicyId.equals(policyPOJO.getId()))
 		{
 			throw new IndeterminateEvaluationException("PolicyProvider " + id + ": PolicyId in 'content' of the policy document " + policyPOJO
-					+ " retrieved from database is not consistent with 'id'. Actual PolicyId: " + contentPolicyId + " (corrupted database?).", XacmlStatusCode.PROCESSING_ERROR.value());
+			        + " retrieved from database is not consistent with 'id'. Actual PolicyId: " + contentPolicyId + " (corrupted database?).", XacmlStatusCode.PROCESSING_ERROR.value());
 		}
 
 		final String contentPolicyVersion = jaxbPolicy.getVersion();
 		if (!contentPolicyVersion.equals(policyPOJO.getVersion()))
 		{
 			throw new IndeterminateEvaluationException("PolicyProvider " + id + ": Version in 'content' of the policy document " + policyPOJO
-					+ " retrieved from database is not consistent with 'version'. Actual Version: " + contentPolicyVersion + " (corrupted database?).", XacmlStatusCode.PROCESSING_ERROR.value());
+			        + " retrieved from database is not consistent with 'version'. Actual Version: " + contentPolicyVersion + " (corrupted database?).", XacmlStatusCode.PROCESSING_ERROR.value());
 		}
 
 		try
 		{
 			return PolicyEvaluators.getInstance(jaxbPolicy, null, nsPrefixUriMap, expressionFactory, combiningAlgRegistry);
-		} catch (final IllegalArgumentException e)
+		}
+		catch (final IllegalArgumentException e)
 		{
 			throw new IllegalArgumentException("Invalid Policy in 'content' of the policy document " + policyPOJO + " retrieved from database", e);
 		}
@@ -309,7 +312,8 @@ public final class MongoDbRefPolicyProvider extends BaseStaticRefPolicyProvider
 
 	@Override
 	public StaticTopLevelPolicyElementEvaluator getPolicySet(final String policyId, final Optional<PolicyVersionPatterns> policyPolicyVersionPatterns, final Deque<String> policySetRefChain)
-			throws IndeterminateEvaluationException {
+	        throws IndeterminateEvaluationException
+	{
 		/**
 		 * TODO: use a policy cache and check it before requesting the database. If we found a matching policy in cache, and it is a policyset, we would check the depth of policy references as well:
 		 * <p>
@@ -327,8 +331,8 @@ public final class MongoDbRefPolicyProvider extends BaseStaticRefPolicyProvider
 		if (!(jaxbPolicyOrPolicySetObj instanceof PolicySet))
 		{
 			throw new IndeterminateEvaluationException("PolicyProvider " + id + ": 'content' of the policy document " + policyPOJO
-					+ " retrieved from database is not consistent with 'type' (expected: PolicySet). Actual content type: " + jaxbPolicyOrPolicySetObj.getClass() + " (corrupted database?).",
-					XacmlStatusCode.PROCESSING_ERROR.value());
+			        + " retrieved from database is not consistent with 'type' (expected: PolicySet). Actual content type: " + jaxbPolicyOrPolicySetObj.getClass() + " (corrupted database?).",
+			        XacmlStatusCode.PROCESSING_ERROR.value());
 		}
 
 		final PolicySet jaxbPolicySet = (PolicySet) jaxbPolicyOrPolicySetObj;
@@ -336,20 +340,21 @@ public final class MongoDbRefPolicyProvider extends BaseStaticRefPolicyProvider
 		if (!contentPolicyId.equals(policyPOJO.getId()))
 		{
 			throw new IndeterminateEvaluationException("PolicyProvider " + id + ": PolicyId in 'content' of the policy document " + policyPOJO
-					+ " retrieved from database is not consistent with 'id'. Actual PolicyId: " + contentPolicyId + " (corrupted database?).", XacmlStatusCode.PROCESSING_ERROR.value());
+			        + " retrieved from database is not consistent with 'id'. Actual PolicyId: " + contentPolicyId + " (corrupted database?).", XacmlStatusCode.PROCESSING_ERROR.value());
 		}
 
 		final String contentPolicyVersion = jaxbPolicySet.getVersion();
 		if (!contentPolicyVersion.equals(policyPOJO.getVersion()))
 		{
 			throw new IndeterminateEvaluationException("PolicyProvider " + id + ": Version in 'content' of the policy document " + policyPOJO
-					+ " retrieved from database is not consistent with 'version'. Actual Version: " + contentPolicyVersion + " (corrupted database?).", XacmlStatusCode.PROCESSING_ERROR.value());
+			        + " retrieved from database is not consistent with 'version'. Actual Version: " + contentPolicyVersion + " (corrupted database?).", XacmlStatusCode.PROCESSING_ERROR.value());
 		}
 
 		try
 		{
 			return PolicyEvaluators.getInstanceStatic(jaxbPolicySet, null, nsPrefixUriMap, expressionFactory, combiningAlgRegistry, this, policySetRefChain);
-		} catch (final IllegalArgumentException e)
+		}
+		catch (final IllegalArgumentException e)
 		{
 			throw new IndeterminateEvaluationException("Invalid PolicySet in 'content' of the policy document " + policyPOJO + " retrieved from database", XacmlStatusCode.PROCESSING_ERROR.value(), e);
 		}

pom.xml

@@ -3,10 +3,10 @@
    <parent>
       <groupId>org.ow2.authzforce</groupId>
       <artifactId>authzforce-ce-parent</artifactId>
-      <version>7.2.0</version>
+      <version>7.3.0</version>
    </parent>
    <artifactId>authzforce-ce-core</artifactId>
-   <version>13.0.0</version>
+   <version>13.1.0</version>