Commit c837d1d7 authored by cdanger's avatar cdanger
Browse files

Merge branch 'GH-38' into develop

Conflicts:
	pdp-engine/src/main/java/org/ow2/authzforce/core/pdp/impl/policy/CoreRefPolicyProvider.java
	pdp-io-xacml-json/src/test/java/org/ow2/authzforce/core/pdp/io/xacml/json/test/JsonProfileConformanceV3Test.java
	pom.xml
parents 802b390e aa856904
...@@ -131,7 +131,7 @@ Then instantiate a PDP engine configuration with method [PdpEngineConfiguration# ...@@ -131,7 +131,7 @@ Then instantiate a PDP engine configuration with method [PdpEngineConfiguration#
```xml ```xml
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<pdp xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://authzforce.github.io/core/xmlns/pdp/6.0" version="6.0.0"> <pdp xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://authzforce.github.io/core/xmlns/pdp/7.0" version="7.0.0">
<rootPolicyProvider id="rootPolicyProvider" xsi:type="StaticRootPolicyProvider" policyLocation="${PARENT_DIR}/policy.xml" /> <rootPolicyProvider id="rootPolicyProvider" xsi:type="StaticRootPolicyProvider" policyLocation="${PARENT_DIR}/policy.xml" />
</pdp> </pdp>
``` ```
......
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<pdp xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://authzforce.github.io/core/xmlns/pdp/6.0" version="6.0.0"> <pdp
<rootPolicyProvider id="rootPolicyProvider" xsi:type="StaticRootPolicyProvider" policyLocation="${PARENT_DIR}/IIA001/Policy.xml" /> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
<ioProcChain> xmlns="http://authzforce.github.io/core/xmlns/pdp/7.0"
<requestPreproc>urn:ow2:authzforce:feature:pdp:request-preproc:xacml-json:default-lax</requestPreproc> version="7.0.0">
<resultPostproc>urn:ow2:authzforce:feature:pdp:result-postproc:xacml-json:default</resultPostproc> <policyProvider
</ioProcChain> id="rootPolicyProvider"
xsi:type="StaticPolicyProvider">
<policyLocation>${PARENT_DIR}/IIA001/Policy.xml</policyLocation>
</policyProvider>
<rootPolicyRef>urn:oasis:names:tc:xacml:2.0:conformance-test:IIA1:policy</rootPolicyRef>
<ioProcChain>
<requestPreproc>urn:ow2:authzforce:feature:pdp:request-preproc:xacml-json:default-lax</requestPreproc>
<resultPostproc>urn:ow2:authzforce:feature:pdp:result-postproc:xacml-json:default</resultPostproc>
</ioProcChain>
</pdp> </pdp>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion> <modelVersion>4.0.0</modelVersion>
<parent> <parent>
<groupId>org.ow2.authzforce</groupId> <groupId>org.ow2.authzforce</groupId>
......
...@@ -42,7 +42,7 @@ import com.google.common.collect.ListMultimap; ...@@ -42,7 +42,7 @@ import com.google.common.collect.ListMultimap;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeDesignatorType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeDesignatorType;
/** /**
* AttributeProvider that tries to resolve attributes in current request context first, else delegates to {@link DesignatedAttributeProvider}s. * AttributeProvider that tries to resolve attributes in current request context first, else delegates to {@link NamedAttributeProvider}s.
* *
* @version $Id: $ * @version $Id: $
*/ */
...@@ -97,7 +97,8 @@ public class ModularAttributeProvider implements AttributeProvider ...@@ -97,7 +97,8 @@ public class ModularAttributeProvider implements AttributeProvider
if (selectedAttributeSupport == null) if (selectedAttributeSupport == null)
{ {
designatorModsByAttrId = attributeProviderModulesByAttributeId; designatorModsByAttrId = attributeProviderModulesByAttributeId;
} else }
else
{ {
final ListMultimap<AttributeFqn, NamedAttributeProvider> mutableModsByAttrIdMap = ArrayListMultimap.create(selectedAttributeSupport.size(), 1); final ListMultimap<AttributeFqn, NamedAttributeProvider> mutableModsByAttrIdMap = ArrayListMultimap.create(selectedAttributeSupport.size(), 1);
for (final AttributeDesignatorType requiredAttr : selectedAttributeSupport) for (final AttributeDesignatorType requiredAttr : selectedAttributeSupport)
...@@ -206,7 +207,8 @@ public class ModularAttributeProvider implements AttributeProvider ...@@ -206,7 +207,8 @@ public class ModularAttributeProvider implements AttributeProvider
LOGGER.debug("Values of attribute {}, type={} returned by attribute Provider module #{} (cached in context): {}", attributeFqn, datatype, attrProviders, result); LOGGER.debug("Values of attribute {}, type={} returned by attribute Provider module #{} (cached in context): {}", attributeFqn, datatype, attrProviders, result);
issuedToNonIssuedAttributeCopyMode.process(attributeFqn, result, context); issuedToNonIssuedAttributeCopyMode.process(attributeFqn, result, context);
return result; return result;
} catch (final IndeterminateEvaluationException e) }
catch (final IndeterminateEvaluationException e)
{ {
/* /*
* This error does not necessarily matter, it depends on whether the attribute is required, i.e. MustBePresent=true for AttributeDesignator/Selector So we let * This error does not necessarily matter, it depends on whether the attribute is required, i.e. MustBePresent=true for AttributeDesignator/Selector So we let
...@@ -248,7 +250,8 @@ public class ModularAttributeProvider implements AttributeProvider ...@@ -248,7 +250,8 @@ public class ModularAttributeProvider implements AttributeProvider
*/ */
context.putNamedAttributeValueIfAbsent(attributeFqn, result); context.putNamedAttributeValueIfAbsent(attributeFqn, result);
return result; return result;
} catch (final UnsupportedOperationException e) }
catch (final UnsupportedOperationException e)
{ {
/* /*
* Should not happen, this is highly unexpected and should be considered a fatal error (it means the AttributeProvider does not respect its contract) * Should not happen, this is highly unexpected and should be considered a fatal error (it means the AttributeProvider does not respect its contract)
......
...@@ -54,8 +54,9 @@ import org.ow2.authzforce.core.pdp.api.expression.ExpressionFactory; ...@@ -54,8 +54,9 @@ import org.ow2.authzforce.core.pdp.api.expression.ExpressionFactory;
import org.ow2.authzforce.core.pdp.api.func.FirstOrderFunction; import org.ow2.authzforce.core.pdp.api.func.FirstOrderFunction;
import org.ow2.authzforce.core.pdp.api.func.Function; import org.ow2.authzforce.core.pdp.api.func.Function;
import org.ow2.authzforce.core.pdp.api.io.XacmlJaxbParsingUtils; import org.ow2.authzforce.core.pdp.api.io.XacmlJaxbParsingUtils;
import org.ow2.authzforce.core.pdp.api.policy.CloseableRefPolicyProvider; import org.ow2.authzforce.core.pdp.api.policy.CloseablePolicyProvider;
import org.ow2.authzforce.core.pdp.api.policy.RootPolicyProvider; import org.ow2.authzforce.core.pdp.api.policy.PolicyVersionPatterns;
import org.ow2.authzforce.core.pdp.api.policy.TopLevelPolicyElementType;
import org.ow2.authzforce.core.pdp.api.value.AttributeValueFactory; import org.ow2.authzforce.core.pdp.api.value.AttributeValueFactory;
import org.ow2.authzforce.core.pdp.api.value.AttributeValueFactoryRegistry; import org.ow2.authzforce.core.pdp.api.value.AttributeValueFactoryRegistry;
import org.ow2.authzforce.core.pdp.api.value.Datatype; import org.ow2.authzforce.core.pdp.api.value.Datatype;
...@@ -73,6 +74,7 @@ import org.ow2.authzforce.core.pdp.impl.func.StandardFunction; ...@@ -73,6 +74,7 @@ import org.ow2.authzforce.core.pdp.impl.func.StandardFunction;
import org.ow2.authzforce.core.xmlns.pdp.InOutProcChain; import org.ow2.authzforce.core.xmlns.pdp.InOutProcChain;
import org.ow2.authzforce.core.xmlns.pdp.Pdp; import org.ow2.authzforce.core.xmlns.pdp.Pdp;
import org.ow2.authzforce.core.xmlns.pdp.StandardEnvironmentAttributeSource; import org.ow2.authzforce.core.xmlns.pdp.StandardEnvironmentAttributeSource;
import org.ow2.authzforce.core.xmlns.pdp.TopLevelPolicyElementRef;
import org.ow2.authzforce.xacml.identifiers.XacmlDatatypeId; import org.ow2.authzforce.xacml.identifiers.XacmlDatatypeId;
import org.ow2.authzforce.xmlns.pdp.ext.AbstractAttributeProvider; import org.ow2.authzforce.xmlns.pdp.ext.AbstractAttributeProvider;
import org.ow2.authzforce.xmlns.pdp.ext.AbstractDecisionCache; import org.ow2.authzforce.xmlns.pdp.ext.AbstractDecisionCache;
...@@ -95,7 +97,7 @@ public final class PdpEngineConfiguration ...@@ -95,7 +97,7 @@ public final class PdpEngineConfiguration
private static final IllegalArgumentException ILLEGAL_USE_STD_FUNCTIONS_ARGUMENT_EXCEPTION = new IllegalArgumentException( private static final IllegalArgumentException ILLEGAL_USE_STD_FUNCTIONS_ARGUMENT_EXCEPTION = new IllegalArgumentException(
"useStandardFunctions = true not allowed if useStandardDatatypes = false"); "useStandardFunctions = true not allowed if useStandardDatatypes = false");
private static final IllegalArgumentException NULL_ROOTPOLICYPROVIDER_ARGUMENT_EXCEPTION = new IllegalArgumentException("Undefined rootPolicyProvider"); private static final IllegalArgumentException NULL_POLICYPROVIDER_ARGUMENT_EXCEPTION = new IllegalArgumentException("Undefined policyProvider");
// the logger we'll use for all messages // the logger we'll use for all messages
private static final Logger LOGGER = LoggerFactory.getLogger(BasePdpEngine.class); private static final Logger LOGGER = LoggerFactory.getLogger(BasePdpEngine.class);
...@@ -132,21 +134,13 @@ public final class PdpEngineConfiguration ...@@ -132,21 +134,13 @@ public final class PdpEngineConfiguration
return attrProviderModBuilder.getInstance(jaxbConf, envProps); return attrProviderModBuilder.getInstance(jaxbConf, envProps);
} }
private static <JAXB_CONF extends AbstractPolicyProvider> CloseableRefPolicyProvider newRefPolicyProvider(final JAXB_CONF jaxbConf, final XmlnsFilteringParserFactory xacmlParserFactory, private static <JAXB_CONF extends AbstractPolicyProvider> CloseablePolicyProvider<?> newPolicyProvider(final JAXB_CONF jaxbConf, final XmlnsFilteringParserFactory xacmlParserFactory,
final int maxPolicySetRefDepth, final ExpressionFactory xacmlExprFactory, final CombiningAlgRegistry combiningAlgRegistry, final EnvironmentProperties envProps) final int maxPolicySetRefDepth, final ExpressionFactory xacmlExprFactory, final CombiningAlgRegistry combiningAlgRegistry, final EnvironmentProperties envProps)
{ {
final CloseableRefPolicyProvider.Factory<JAXB_CONF> refPolicyProviderModFactory = PdpExtensions.getRefPolicyProviderFactory((Class<JAXB_CONF>) jaxbConf.getClass()); final CloseablePolicyProvider.Factory<JAXB_CONF> refPolicyProviderModFactory = PdpExtensions.getRefPolicyProviderFactory((Class<JAXB_CONF>) jaxbConf.getClass());
return refPolicyProviderModFactory.getInstance(jaxbConf, xacmlParserFactory, maxPolicySetRefDepth, xacmlExprFactory, combiningAlgRegistry, envProps); return refPolicyProviderModFactory.getInstance(jaxbConf, xacmlParserFactory, maxPolicySetRefDepth, xacmlExprFactory, combiningAlgRegistry, envProps);
} }
private static <JAXB_CONF extends AbstractPolicyProvider> RootPolicyProvider newRootPolicyProvider(final JAXB_CONF jaxbConf, final XmlnsFilteringParserFactory xacmlParserFactory,
final ExpressionFactory xacmlExprFactory, final CombiningAlgRegistry combiningAlgRegistry, final Optional<CloseableRefPolicyProvider> refPolicyProvider,
final EnvironmentProperties envProps)
{
final RootPolicyProvider.Factory<JAXB_CONF> rootPolicyProviderFactory = PdpExtensions.getRootPolicyProviderFactory((Class<JAXB_CONF>) jaxbConf.getClass());
return rootPolicyProviderFactory.getInstance(jaxbConf, xacmlParserFactory, xacmlExprFactory, combiningAlgRegistry, refPolicyProvider, envProps);
}
private static <JAXB_CONF extends AbstractDecisionCache> DecisionCache newDecisionCache(final JAXB_CONF jaxbConf, final AttributeValueFactoryRegistry attValFactories, private static <JAXB_CONF extends AbstractDecisionCache> DecisionCache newDecisionCache(final JAXB_CONF jaxbConf, final AttributeValueFactoryRegistry attValFactories,
final EnvironmentProperties envProps) final EnvironmentProperties envProps)
{ {
...@@ -159,7 +153,13 @@ public final class PdpEngineConfiguration ...@@ -159,7 +153,13 @@ public final class PdpEngineConfiguration
private final ExpressionFactory xacmlExpressionFactory; private final ExpressionFactory xacmlExpressionFactory;
private final RootPolicyProvider rootPolicyProvider; private final CloseablePolicyProvider<?> policyProvider;
private final String rootPolicyId;
private final Optional<TopLevelPolicyElementType> rootPolicyElementType;
private final Optional<PolicyVersionPatterns> rootPolicyVersionPatterns;
private final boolean strictAttributeIssuerMatch; private final boolean strictAttributeIssuerMatch;
...@@ -189,12 +189,12 @@ public final class PdpEngineConfiguration ...@@ -189,12 +189,12 @@ public final class PdpEngineConfiguration
* Check required args * Check required args
*/ */
/* /*
* Root policy provider * Policy provider
*/ */
final AbstractPolicyProvider rootPolicyProviderJaxbConf = pdpJaxbConf.getRootPolicyProvider(); final AbstractPolicyProvider rootPolicyProviderJaxbConf = pdpJaxbConf.getPolicyProvider();
if (rootPolicyProviderJaxbConf == null) if (rootPolicyProviderJaxbConf == null)
{ {
throw NULL_ROOTPOLICYPROVIDER_ARGUMENT_EXCEPTION; throw NULL_POLICYPROVIDER_ARGUMENT_EXCEPTION;
} }
/* /*
...@@ -221,11 +221,13 @@ public final class PdpEngineConfiguration ...@@ -221,11 +221,13 @@ public final class PdpEngineConfiguration
if (datatypeExtensionIdentifiers.isEmpty()) if (datatypeExtensionIdentifiers.isEmpty())
{ {
attValFactoryRegistry = stdRegistry; attValFactoryRegistry = stdRegistry;
} else }
else
{ {
attValFactoryRegistry = new ImmutableAttributeValueFactoryRegistry(HashCollections.newImmutableSet(stdRegistry.getExtensions(), datatypeExtensions)); attValFactoryRegistry = new ImmutableAttributeValueFactoryRegistry(HashCollections.newImmutableSet(stdRegistry.getExtensions(), datatypeExtensions));
} }
} else }
else
{ {
attValFactoryRegistry = new ImmutableAttributeValueFactoryRegistry(datatypeExtensions); attValFactoryRegistry = new ImmutableAttributeValueFactoryRegistry(datatypeExtensions);
} }
...@@ -255,7 +257,8 @@ public final class PdpEngineConfiguration ...@@ -255,7 +257,8 @@ public final class PdpEngineConfiguration
try try
{ {
maxVarRefDepth = bigMaxVarRefDepth == null ? -1 : bigMaxVarRefDepth.intValueExact(); maxVarRefDepth = bigMaxVarRefDepth == null ? -1 : bigMaxVarRefDepth.intValueExact();
} catch (final ArithmeticException e) }
catch (final ArithmeticException e)
{ {
throw new IllegalArgumentException("Invalid maxVariableRefDepth: " + bigMaxVarRefDepth, e); throw new IllegalArgumentException("Invalid maxVariableRefDepth: " + bigMaxVarRefDepth, e);
} }
...@@ -292,12 +295,14 @@ public final class PdpEngineConfiguration ...@@ -292,12 +295,14 @@ public final class PdpEngineConfiguration
if (nonGenericFunctionExtensionIdentifiers.isEmpty()) if (nonGenericFunctionExtensionIdentifiers.isEmpty())
{ {
functionRegistry = stdRegistry; functionRegistry = stdRegistry;
} else }
else
{ {
functionRegistry = new ImmutableFunctionRegistry(HashCollections.newImmutableSet(stdRegistry.getNonGenericFunctions(), nonGenericFunctionExtensions), functionRegistry = new ImmutableFunctionRegistry(HashCollections.newImmutableSet(stdRegistry.getNonGenericFunctions(), nonGenericFunctionExtensions),
stdRegistry.getGenericFunctionFactories()); stdRegistry.getGenericFunctionFactories());
} }
} else }
else
{ {
functionRegistry = new ImmutableFunctionRegistry(nonGenericFunctionExtensions, null); functionRegistry = new ImmutableFunctionRegistry(nonGenericFunctionExtensions, null);
} }
...@@ -331,11 +336,13 @@ public final class PdpEngineConfiguration ...@@ -331,11 +336,13 @@ public final class PdpEngineConfiguration
if (algExtensions.isEmpty()) if (algExtensions.isEmpty())
{ {
combiningAlgRegistry = StandardCombiningAlgorithm.REGISTRY; combiningAlgRegistry = StandardCombiningAlgorithm.REGISTRY;
} else }
else
{ {
combiningAlgRegistry = new ImmutableCombiningAlgRegistry(HashCollections.newImmutableSet(StandardCombiningAlgorithm.REGISTRY.getExtensions(), algExtensions)); combiningAlgRegistry = new ImmutableCombiningAlgRegistry(HashCollections.newImmutableSet(StandardCombiningAlgorithm.REGISTRY.getExtensions(), algExtensions));
} }
} else }
else
{ {
combiningAlgRegistry = new ImmutableCombiningAlgRegistry(algExtensions); combiningAlgRegistry = new ImmutableCombiningAlgRegistry(algExtensions);
} }
...@@ -348,7 +355,8 @@ public final class PdpEngineConfiguration ...@@ -348,7 +355,8 @@ public final class PdpEngineConfiguration
try try
{ {
maxPolicySetRefDepth = bigMaxPolicyRefDepth == null ? -1 : bigMaxPolicyRefDepth.intValueExact(); maxPolicySetRefDepth = bigMaxPolicyRefDepth == null ? -1 : bigMaxPolicyRefDepth.intValueExact();
} catch (final ArithmeticException e) }
catch (final ArithmeticException e)
{ {
throw new IllegalArgumentException("Invalid maxPolicyRefDepth: " + bigMaxPolicyRefDepth, e); throw new IllegalArgumentException("Invalid maxPolicyRefDepth: " + bigMaxPolicyRefDepth, e);
} }
...@@ -359,29 +367,29 @@ public final class PdpEngineConfiguration ...@@ -359,29 +367,29 @@ public final class PdpEngineConfiguration
xacmlExpressionFactory = new DepthLimitingExpressionFactory(attValFactoryRegistry, functionRegistry, attProviderFactories, maxVarRefDepth, enableXPath, strictAttributeIssuerMatch); xacmlExpressionFactory = new DepthLimitingExpressionFactory(attValFactoryRegistry, functionRegistry, attProviderFactories, maxVarRefDepth, enableXPath, strictAttributeIssuerMatch);
/* /*
* Policy Reference processing - Policy-by-reference Provider * Policy Provider
*/ */
final AbstractPolicyProvider refPolicyProviderJaxbConf = pdpJaxbConf.getRefPolicyProvider(); final AbstractPolicyProvider policyProviderJaxbConf = pdpJaxbConf.getPolicyProvider();
final Optional<CloseableRefPolicyProvider> refPolicyProvider; policyProvider = newPolicyProvider(policyProviderJaxbConf, xacmlParserFactory, maxPolicySetRefDepth, xacmlExpressionFactory, combiningAlgRegistry, envProps);
if (refPolicyProviderJaxbConf == null)
{
refPolicyProvider = Optional.empty();
} else
{
refPolicyProvider = Optional.of(newRefPolicyProvider(refPolicyProviderJaxbConf, xacmlParserFactory, maxPolicySetRefDepth, xacmlExpressionFactory, combiningAlgRegistry, envProps));
}
final TopLevelPolicyElementRef rootPolicyRef = pdpJaxbConf.getRootPolicyRef();
/* /*
* Root Policy Provider * PDP XSD assumed to ensure rootPolicyRef is defined
*/ */
rootPolicyProvider = newRootPolicyProvider(rootPolicyProviderJaxbConf, xacmlParserFactory, xacmlExpressionFactory, combiningAlgRegistry, refPolicyProvider, envProps); assert rootPolicyRef != null;
final Boolean mustBePolicySet = rootPolicyRef.isPolicySet();
this.rootPolicyElementType = mustBePolicySet == null ? Optional.empty()
: mustBePolicySet.booleanValue() ? Optional.of(TopLevelPolicyElementType.POLICY_SET) : Optional.of(TopLevelPolicyElementType.POLICY);
this.rootPolicyId = rootPolicyRef.getValue();
this.rootPolicyVersionPatterns = Optional.ofNullable(new PolicyVersionPatterns(rootPolicyRef.getVersion(), null, null));
// Decision cache // Decision cache
final AbstractDecisionCache decisionCacheJaxbConf = pdpJaxbConf.getDecisionCache(); final AbstractDecisionCache decisionCacheJaxbConf = pdpJaxbConf.getDecisionCache();
if (decisionCacheJaxbConf == null) if (decisionCacheJaxbConf == null)
{ {
decisionCache = Optional.empty(); decisionCache = Optional.empty();
} else }
else
{ {
decisionCache = Optional.of(newDecisionCache(decisionCacheJaxbConf, attValFactoryRegistry, envProps)); decisionCache = Optional.of(newDecisionCache(decisionCacheJaxbConf, attValFactoryRegistry, envProps));
} }
...@@ -391,7 +399,8 @@ public final class PdpEngineConfiguration ...@@ -391,7 +399,8 @@ public final class PdpEngineConfiguration
try try
{ {
this.clientReqErrVerbosityLevel = clientReqErrVerbosityBigInt == null ? 0 : clientReqErrVerbosityBigInt.intValueExact(); this.clientReqErrVerbosityLevel = clientReqErrVerbosityBigInt == null ? 0 : clientReqErrVerbosityBigInt.intValueExact();
} catch (final ArithmeticException e) }
catch (final ArithmeticException e)
{ {
throw new IllegalArgumentException("Invalid clientRequestErrorVerbosityLevel: " + clientReqErrVerbosityBigInt, e); throw new IllegalArgumentException("Invalid clientRequestErrorVerbosityLevel: " + clientReqErrVerbosityBigInt, e);
} }
...@@ -401,7 +410,8 @@ public final class PdpEngineConfiguration ...@@ -401,7 +410,8 @@ public final class PdpEngineConfiguration
if (inoutProcChains.isEmpty()) if (inoutProcChains.isEmpty())
{ {
this.ioProcChainsByInputType = Collections.emptyMap(); this.ioProcChainsByInputType = Collections.emptyMap();
} else }
else
{ {
final Map<Class<?>, Entry<DecisionRequestPreprocessor<?, ?>, DecisionResultPostprocessor<?, ?>>> mutableInoutProcChainsByInputType = HashCollections final Map<Class<?>, Entry<DecisionRequestPreprocessor<?, ?>, DecisionResultPostprocessor<?, ?>>> mutableInoutProcChainsByInputType = HashCollections
.newUpdatableMap(inoutProcChains.size()); .newUpdatableMap(inoutProcChains.size());
...@@ -414,7 +424,8 @@ public final class PdpEngineConfiguration ...@@ -414,7 +424,8 @@ public final class PdpEngineConfiguration
if (resultPostprocId == null) if (resultPostprocId == null)
{ {
decisionResultPostproc = null; decisionResultPostproc = null;
} else }
else
{ {
final DecisionResultPostprocessor.Factory<?, ?> resultPostprocFactory = PdpExtensions.getExtension(DecisionResultPostprocessor.Factory.class, resultPostprocId); final DecisionResultPostprocessor.Factory<?, ?> resultPostprocFactory = PdpExtensions.getExtension(DecisionResultPostprocessor.Factory.class, resultPostprocId);
decisionResultPostproc = resultPostprocFactory.getInstance(clientReqErrVerbosityLevel); decisionResultPostproc = resultPostprocFactory.getInstance(clientReqErrVerbosityLevel);
...@@ -464,7 +475,8 @@ public final class PdpEngineConfiguration ...@@ -464,7 +475,8 @@ public final class PdpEngineConfiguration
try try
{ {
pdpJaxbConf = modelHandler.unmarshal(confXmlSrc, Pdp.class); pdpJaxbConf = modelHandler.unmarshal(confXmlSrc, Pdp.class);
} catch (final JAXBException e) }
catch (final JAXBException e)
{ {
throw new IllegalArgumentException("Invalid PDP configuration file", e); throw new IllegalArgumentException("Invalid PDP configuration file", e);
} }
...@@ -546,7 +558,8 @@ public final class PdpEngineConfiguration ...@@ -546,7 +558,8 @@ public final class PdpEngineConfiguration
{ {
final File confFile = ResourceUtils.getFile(confLocation); final File confFile = ResourceUtils.getFile(confLocation);
return getInstance(confFile, modelHandler); return getInstance(confFile, modelHandler);
} catch (final FileNotFoundException e) }
catch (final FileNotFoundException e)
{ {
if (LOGGER.isInfoEnabled()) if (LOGGER.isInfoEnabled())
{ {
...@@ -563,7 +576,8 @@ public final class PdpEngineConfiguration ...@@ -563,7 +576,8 @@ public final class PdpEngineConfiguration
try try
{ {
confUrl = ResourceUtils.getURL(confLocation); confUrl = ResourceUtils.getURL(confLocation);
} catch (final FileNotFoundException e) }
catch (final FileNotFoundException e)
{ {
throw new IllegalArgumentException("Invalid PDP configuration location (neither a file in the file system nor a valid URL): " + confLocation, e); throw new IllegalArgumentException("Invalid PDP configuration location (neither a file in the file system nor a valid URL): " + confLocation, e);
} }
...@@ -603,19 +617,19 @@ public final class PdpEngineConfiguration ...@@ -603,19 +617,19 @@ public final class PdpEngineConfiguration
* <xs:import namespace="http://authzforce.github.io/core/xmlns/test/3" /> * <xs:import namespace="http://authzforce.github.io/core/xmlns/test/3" />
* </xs:schema> * </xs:schema>
* } * }
* </pre> * </pre>
* *
* In this example, the file at {@code catalogLocation} must define the schemaLocation for the imported namespace above using a line like this (for an XML-formatted catalog): * In this example, the file at {@code catalogLocation} must define the schemaLocation for the imported namespace above using a line like this (for an XML-formatted catalog):
* *
* <pre> * <pre>
* {@literal * {@literal
* <uri name="http://authzforce.github.io/core/xmlns/test/3" uri= * <uri name="http://authzforce.github.io/core/xmlns/test/3" uri=
* "classpath:org.ow2.authzforce.core.test.xsd" /> * "classpath:org.ow2.authzforce.core.test.xsd" />
* } * }
* </pre> * </pre>
* *
* We assume that this XML type is an extension of one the PDP extension base types, 'AbstractAttributeProvider' (that extends 'AbstractPdpExtension' like all other extension base * We assume that this XML type is an extension of one the PDP extension base types, 'AbstractAttributeProvider' (that extends 'AbstractPdpExtension' like all other extension base types) in this
* types) in this case. * case.
* @param catalogLocation * @param catalogLocation
* location of XML catalog for resolving XSDs imported by the extension XSD specified as 'extensionXsdLocation' argument (may be null if 'extensionXsdLocation' is null) * location of XML catalog for resolving XSDs imported by the extension XSD specified as 'extensionXsdLocation' argument (may be null if 'extensionXsdLocation' is null)
* @return PDP instance * @return PDP instance
...@@ -656,19 +670,19 @@ public final class PdpEngineConfiguration ...@@ -656,19 +670,19 @@ public final class PdpEngineConfiguration
* <xs:import namespace="http://authzforce.github.io/core/xmlns/test/3" /> * <xs:import namespace="http://authzforce.github.io/core/xmlns/test/3" />
* </xs:schema> * </xs:schema>
* } * }
* </pre> * </pre>
* *
* In this example, the file at {@code catalogLocation} must define the schemaLocation for the imported namespace above using a line like this (for an XML-formatted catalog): * In this example, the file at {@code catalogLocation} must define the schemaLocation for the imported namespace above using a line like this (for an XML-formatted catalog):
* *
* <pre> * <pre>
* {@literal * {@literal
* <uri name="http://authzforce.github.io/core/xmlns/test/3" uri= * <uri name="http://authzforce.github.io/core/xmlns/test/3" uri=
* "classpath:org.ow2.authzforce.core.test.xsd" /> * "classpath:org.ow2.authzforce.core.test.xsd" />
* } * }
* </pre> * </pre>
* *
* We assume that this XML type is an extension of one the PDP extension base types, 'AbstractAttributeProvider' (that extends 'AbstractPdpExtension' like all other extension base * We assume that this XML type is an extension of one the PDP extension base types, 'AbstractAttributeProvider' (that extends 'AbstractPdpExtension' like all other extension base types) in this
* types) in this case. * case.
* @param catalogLocation * @param catalogLocation
* location of XML catalog for resolving XSDs imported by the extension XSD specified as 'extensionXsdLocation' argument (may be null if 'extensionXsdLocation' is null) * location of XML catalog for resolving XSDs imported by the extension XSD specified as 'extensionXsdLocation' argument (may be null if 'extensionXsdLocation' is null)
* @return PDP instance * @return PDP instance
...@@ -735,9 +749,39 @@ public final class PdpEngineConfiguration ...@@ -735,9 +749,39 @@ public final class PdpEngineConfiguration
* *
* @return the Root Policy Provider * @return the Root Policy Provider
*/ */
public RootPolicyProvider getRootPolicyProvider() public CloseablePolicyProvider<?> getPolicyProvider()
{