Commit f86c6581 authored by Cyril Dangerville's avatar Cyril Dangerville

- Added plugin management for aspectj-maven-plugin to remove warning in

eclipse
- Improved policy parsing error handling (e.g. lots of exceptions were
only logged and no exception thrown, therefore root cause unknown and
troubleshooting very hard)
- Specified type parameters for Lists, Sets when possible in policy
handling classes
parent 5d3bd83d
......@@ -383,5 +383,35 @@
</configuration>
</plugin>
</plugins>
<pluginManagement>
<plugins>
<!--This plugin's configuration is used to store Eclipse m2e settings only. It has no influence on the Maven build itself.-->
<plugin>
<groupId>org.eclipse.m2e</groupId>
<artifactId>lifecycle-mapping</artifactId>
<version>1.0.0</version>
<configuration>
<lifecycleMappingMetadata>
<pluginExecutions>
<pluginExecution>
<pluginExecutionFilter>
<groupId>org.codehaus.mojo</groupId>
<artifactId>aspectj-maven-plugin</artifactId>
<versionRange>[1.5,)</versionRange>
<goals>
<goal>test-compile</goal>
<goal>compile</goal>
</goals>
</pluginExecutionFilter>
<action>
<ignore></ignore>
</action>
</pluginExecution>
</pluginExecutions>
</lifecycleMappingMetadata>
</configuration>
</plugin>
</plugins>
</pluginManagement>
</build>
</project>
......@@ -150,7 +150,7 @@ public class PolicyReference extends oasis.names.tc.xacml._3_0.core.schema.wd_17
// check if input policyType is a valid value
if ((policyType != POLICY_REFERENCE) && (policyType != POLICYSET_REFERENCE))
throw new IllegalArgumentException("Input policyType is not a" + "valid value");
throw new IllegalArgumentException("Input policyType is not a valid value");
this.reference = reference;
this.policyType = policyType;
......@@ -427,7 +427,7 @@ public class PolicyReference extends oasis.names.tc.xacml._3_0.core.schema.wd_17
* referenced policy, not the meta-data for the parent policy (which is what gets provided to
* the constructors of this class).
*
* @return the policy's meta-data
* @return the policy's meta-data
*
* @throws ProcessingException
* if the referenced policy can't be retrieved
......@@ -465,23 +465,32 @@ public class PolicyReference extends oasis.names.tc.xacml._3_0.core.schema.wd_17
/**
* Private helper method that tried to resolve the policy
* @throws UnknownIdentifierException unknown rule combining algorithm ID
* @throws IllegalArgumentException
*/
private IPolicy resolvePolicy()
{
// see if this reference was setup with a finder
if (finder == null)
{
LOGGER.warn("PolicyReference with id '{}' was queried but was not configured with a PolicyFinder", reference);
throw new ProcessingException("couldn't find the policy with " + "a null finder");
LOGGER.warn("Policy(Set)Reference with id '{}' was queried but was not configured with a PolicyFinder", reference);
throw new ProcessingException("couldn't find the policy with a null finder");
}
PolicyFinderResult pfr = finder.findPolicy(reference, policyType, constraints, parentMetaData);
PolicyFinderResult pfr;
try
{
pfr = finder.findPolicy(reference, policyType, constraints, parentMetaData);
} catch (UnknownIdentifierException e)
{
throw new ProcessingException("Invalid policy #"+reference+"/"+constraints);
}
if (pfr.notApplicable()) {
throw new ProcessingException("couldn't resolve the policy");
throw new ProcessingException("couldn't resolve the policy#"+reference+"/"+constraints);
}
if (pfr.indeterminate()) {
throw new ProcessingException("error resolving the policy");
throw new ProcessingException("error resolving the policy#"+reference+"/"+constraints);
}
return pfr.getPolicy();
}
......@@ -494,7 +503,7 @@ public class PolicyReference extends oasis.names.tc.xacml._3_0.core.schema.wd_17
* @param context
* the representation of the request
*
* @return the result of evaluation
* @return the result of evaluation
*/
@Override
public Result evaluate(EvaluationCtx context)
......@@ -503,7 +512,14 @@ public class PolicyReference extends oasis.names.tc.xacml._3_0.core.schema.wd_17
if (finder == null)
return new Result(DecisionType.NOT_APPLICABLE, context.getResourceId().encode());
PolicyFinderResult pfr = finder.findPolicy(reference, policyType, constraints, parentMetaData);
PolicyFinderResult pfr;
try
{
pfr = finder.findPolicy(reference, policyType, constraints, parentMetaData);
} catch (UnknownIdentifierException e)
{
throw new ProcessingException("Invalid combining algorithm in Policy(Set) referenced by '"+ reference+"/" + encodeConstraints() + "'");
}
// if we found nothing, then we return NotApplicable
if (pfr.notApplicable())
......
......@@ -375,8 +375,9 @@ public class PolicySet extends AbstractPolicySet implements IPolicy
* Creates a new PolicySet based on the given root node. This is private since every class is
* supposed to use a getInstance() method to construct from a Node, but since we want some
* common code in the parent class, we need this functionality in a constructor.
* @throws UnknownIdentifierException unknown rule combining algorithm ID in one of the child policies
*/
private PolicySet(Node root, PolicyFinder finder) throws ParsingException
private PolicySet(Node root, PolicyFinder finder) throws ParsingException, UnknownIdentifierException
{
super(root, "PolicySet", "PolicyCombiningAlgId");
......@@ -422,7 +423,7 @@ public class PolicySet extends AbstractPolicySet implements IPolicy
// now make sure that we can match up any parameters we may have
// found to a cooresponding Policy or PolicySet...
List elements = new ArrayList();
List<PolicyCombinerElement> elements = new ArrayList<>();
Iterator<IPolicy> it = policies.iterator();
// right now we have to go though each policy and based on several
......@@ -474,24 +475,24 @@ public class PolicySet extends AbstractPolicySet implements IPolicy
* serializable/marshallable), therefore not what it is intended for, why? Would be more
* readable and simple to have another member of type List<PolicyCombinerElement>
*/
this.policySetsAndPoliciesAndPolicySetIdReferences.addAll((List<JAXBElement<?>>) Collections.unmodifiableList(elements));
this.policySetsAndPoliciesAndPolicySetIdReferences.addAll(Collections.unmodifiableList(elements));
// setChildren(elements);
}
/**
* Private helper method that handles parsing a collection of parameters
*/
private void paramaterHelper(HashMap parameters, Node root, String prefix) throws ParsingException
private static void paramaterHelper(HashMap<String, List<CombinerParameter>> parameters, Node root, String prefix) throws ParsingException
{
String ref = root.getAttributes().getNamedItem(prefix + "IdRef").getNodeValue();
if (parameters.containsKey(ref))
{
List list = (List) (parameters.get(ref));
List<CombinerParameter> list = parameters.get(ref);
parseParameters(list, root);
} else
{
List list = new ArrayList();
List<CombinerParameter> list = new ArrayList<>();
parseParameters(list, root);
parameters.put(ref, list);
}
......@@ -534,7 +535,7 @@ public class PolicySet extends AbstractPolicySet implements IPolicy
/**
* Private helper method that handles parsing a single parameter.
*/
private static void parseParameters(List parameters, Node root) throws ParsingException
private static void parseParameters(List<CombinerParameter> parameters, Node root) throws ParsingException
{
NodeList nodes = root.getChildNodes();
......@@ -568,8 +569,9 @@ public class PolicySet extends AbstractPolicySet implements IPolicy
*
* @throws ParsingException
* if the PolicySetType is invalid
* @throws UnknownIdentifierException unknown rule combining algorithm ID in one of the child policies
*/
public static PolicySet getInstance(Node root) throws ParsingException
public static PolicySet getInstance(Node root) throws ParsingException, UnknownIdentifierException
{
return getInstance(root, null);
}
......@@ -587,8 +589,9 @@ public class PolicySet extends AbstractPolicySet implements IPolicy
*
* @throws ParsingException
* if the PolicySetType is invalid
* @throws UnknownIdentifierException unknown rule combining algorithm ID in one of the child policies
*/
public static PolicySet getInstance(Node root, PolicyFinder finder) throws ParsingException
public static PolicySet getInstance(Node root, PolicyFinder finder) throws ParsingException, UnknownIdentifierException
{
// first off, check that it's the right kind of node
if (!(root.getNodeName().equals("PolicySet") || root.getNodeName().equals("PolicySetType")))
......
......@@ -44,6 +44,7 @@ import org.slf4j.LoggerFactory;
import com.sun.xacml.EvaluationCtx;
import com.sun.xacml.PolicyMetaData;
import com.sun.xacml.PolicyReference;
import com.sun.xacml.UnknownIdentifierException;
import com.sun.xacml.VersionConstraints;
import com.sun.xacml.ctx.Status;
......@@ -261,9 +262,10 @@ public class PolicyFinder
*
* @throws IllegalArgumentException
* if <code>type</code> is invalid
* @throws UnknownIdentifierException unknown rule combining algorithm ID
*/
public PolicyFinderResult findPolicy(URI idReference, int type, VersionConstraints constraints, PolicyMetaData parentMetaData)
throws IllegalArgumentException
throws UnknownIdentifierException
{
PolicyFinderResult result = null;
......
......@@ -37,6 +37,7 @@ import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
......@@ -48,6 +49,8 @@ import org.xml.sax.SAXException;
import com.sun.xacml.EvaluationCtx;
import com.sun.xacml.ParsingException;
import com.sun.xacml.ProcessingException;
import com.sun.xacml.UnknownIdentifierException;
import com.sun.xacml.finder.PolicyFinder;
import com.sun.xacml.finder.PolicyFinderModule;
import com.sun.xacml.finder.PolicyFinderResult;
......@@ -81,7 +84,7 @@ public class FilePolicyModule extends PolicyFinderModule
private File schemaFile = null;
// the filenames for the files we'll load
private Set fileNames;
private Set<String> fileNames;
// the actual loaded policies
private PolicyCollection policies;
......@@ -96,7 +99,7 @@ public class FilePolicyModule extends PolicyFinderModule
*/
public FilePolicyModule()
{
fileNames = new HashSet();
fileNames = new HashSet<>();
policies = new PolicyCollection();
String schemaName = System.getProperty(PolicyReader.POLICY_SCHEMA_PROPERTY);
......@@ -115,7 +118,7 @@ public class FilePolicyModule extends PolicyFinderModule
*/
public FilePolicyModule(File schemaFile)
{
fileNames = new HashSet();
fileNames = new HashSet<>();
policies = new PolicyCollection();
this.schemaFile = schemaFile;
......@@ -142,7 +145,7 @@ public class FilePolicyModule extends PolicyFinderModule
* @param fileNames
* a <code>List</code> of <code>String</code>s that identify policy files
*/
public FilePolicyModule(List fileNames)
public FilePolicyModule(List<String> fileNames)
{
this();
......@@ -160,7 +163,7 @@ public class FilePolicyModule extends PolicyFinderModule
* the schema file to validate policies against, or null if schema validation is not
* desired.
*/
public FilePolicyModule(List fileNames, String schemaFile)
public FilePolicyModule(List<String> fileNames, String schemaFile)
{
this(schemaFile);
......@@ -176,6 +179,7 @@ public class FilePolicyModule extends PolicyFinderModule
*
* @param filename
* the file to add to this module's collection of files
* @return true iff filename was not already in the list
*/
public boolean addPolicy(String filename)
{
......@@ -188,6 +192,7 @@ public class FilePolicyModule extends PolicyFinderModule
*
* @return true, since finding policies based on requests is supported
*/
@Override
public boolean isRequestSupported()
{
return true;
......@@ -201,24 +206,22 @@ public class FilePolicyModule extends PolicyFinderModule
* @param finder
* a PolicyFinder used to help in instantiating PolicySets
*/
@Override
public void init(PolicyFinder finder)
{
PolicyReader reader = new PolicyReader(finder, LOGGER, schemaFile);
Iterator it = fileNames.iterator();
while (it.hasNext())
{
String fname = (String) (it.next());
for(String fname: fileNames) {
final IPolicy policy;
try
try(final InputStream fileIn = new FileInputStream(fname))
{
String typePolicy = reader.getType(new FileInputStream(fname));
String typePolicy = reader.getType(fileIn);
if (typePolicy.equals("Policy"))
{
policy = reader.readPolicy(new FileInputStream(fname));
policy = reader.readPolicy(fileIn);
} else if (typePolicy.equals("PolicySet"))
{
policy = reader.readPolicySet(new FileInputStream(fname));
policy = reader.readPolicySet(fileIn);
} else
{
throw new IllegalArgumentException("Invalid type of Policy Element: " + typePolicy);
......@@ -230,16 +233,19 @@ public class FilePolicyModule extends PolicyFinderModule
}
} catch (FileNotFoundException fnfe)
{
LOGGER.error("File couldn't be read: {}", fname, fnfe);
throw new ProcessingException("Policy file '"+fname+"' not found", fnfe);
} catch (ParsingException pe)
{
LOGGER.error("File couldn't be parsed: {}", fname, pe);
throw new ProcessingException("Policy file '"+fname+"' couldn't be parsed into XACML", pe);
} catch (SAXException e)
{
LOGGER.error("File couldn't be parsed: {}", fname, e);
throw new ProcessingException("Policy file '"+fname+"' couldn't be parsed into XML", e);
} catch (IOException e)
{
LOGGER.error("File couldn't be read: {}", fname, e);
throw new ProcessingException("Policy file '"+fname+"' couldn't be read", e);
} catch (UnknownIdentifierException e)
{
throw new ProcessingException("Invalid combining algorithm ID found in policy file "+fname, e);
}
}
}
......@@ -255,6 +261,7 @@ public class FilePolicyModule extends PolicyFinderModule
*
* @return the result of trying to find an applicable policy
*/
@Override
public PolicyFinderResult findPolicy(EvaluationCtx context)
{
// try
......@@ -319,10 +326,11 @@ public class FilePolicyModule extends PolicyFinderModule
try {
final IPolicy policy = policies.getPolicy(context);
if (policy == null)
if (policy == null) {
return new PolicyFinderResult();
else
return new PolicyFinderResult(policy);
}
return new PolicyFinderResult(policy);
} catch (TopLevelPolicyException tlpe) {
return new PolicyFinderResult(tlpe.getStatus());
}
......
......@@ -56,6 +56,7 @@ import org.xml.sax.SAXParseException;
import com.sun.xacml.ParsingException;
import com.sun.xacml.PolicySet;
import com.sun.xacml.UnknownIdentifierException;
import com.sun.xacml.finder.PolicyFinder;
import com.sun.xacml.xacmlv3.Policy;
......@@ -189,8 +190,9 @@ public class PolicyReader implements ErrorHandler
*
* @throws ParsingException
* if an error occurs while reading or parsing the policy
* @throws UnknownIdentifierException unknown rule combining algorithm ID
*/
public synchronized Policy readPolicy(File file) throws ParsingException
public synchronized Policy readPolicy(File file) throws ParsingException, UnknownIdentifierException
{
try
{
......@@ -217,8 +219,9 @@ public class PolicyReader implements ErrorHandler
*
* @throws ParsingException
* if an error occurs while reading or parsing the policy
* @throws UnknownIdentifierException unknown rule combining algorithm ID
*/
public synchronized Policy readPolicy(InputStream input) throws ParsingException
public synchronized Policy readPolicy(InputStream input) throws ParsingException, UnknownIdentifierException
{
try
{
......@@ -232,7 +235,13 @@ public class PolicyReader implements ErrorHandler
}
}
public synchronized PolicySet readPolicySet(InputStream input) throws ParsingException
/**
* @param input
* @return
* @throws ParsingException
* @throws UnknownIdentifierException unknown rule combining algorithm ID in one of the child policies
*/
public synchronized PolicySet readPolicySet(InputStream input) throws ParsingException, UnknownIdentifierException
{
try
{
......@@ -258,8 +267,9 @@ public class PolicyReader implements ErrorHandler
* @throws ParsingException
* if an error occurs while reading or parsing the policy, or if the URL can't be
* resolved
* @throws UnknownIdentifierException unknown rule combining algorithm ID
*/
public Policy readPolicy(URL url) throws ParsingException
public Policy readPolicy(URL url) throws ParsingException, UnknownIdentifierException
{
try
{
......@@ -272,8 +282,9 @@ public class PolicyReader implements ErrorHandler
/**
* A private method that handles reading the policy and creates the correct kind of Policy.
* @throws UnknownIdentifierException unknown rule combining algorithm ID
*/
private static Policy handleDocument(Document doc) throws ParsingException
private static Policy handleDocument(Document doc) throws ParsingException, UnknownIdentifierException
{
// handle the policy, if it's a known type
Element root = doc.getDocumentElement();
......@@ -293,8 +304,9 @@ public class PolicyReader implements ErrorHandler
/**
* A private method that handles reading the policySet and creates the correct kind of
* PolicySet.
* @throws UnknownIdentifierException unknown rule combining algorithm ID in one of the child policies
*/
private static PolicySet handlePolicySetDocument(Document doc) throws ParsingException
private static PolicySet handlePolicySetDocument(Document doc) throws ParsingException, UnknownIdentifierException
{
// handle the policy, if it's a known type
Element root = doc.getDocumentElement();
......@@ -353,7 +365,7 @@ public class PolicyReader implements ErrorHandler
throw new SAXException("fatal error parsing policy");
}
public String getType(FileInputStream input) throws ParsingException, SAXException, IOException
public String getType(InputStream input) throws ParsingException, SAXException, IOException
{
// handle the policy, if it's a known type
Document doc = builder.parse(input);
......
......@@ -37,6 +37,7 @@ import com.sun.xacml.xacmlv3.Policy;
import com.sun.xacml.ParsingException;
import com.sun.xacml.PolicyMetaData;
import com.sun.xacml.PolicyReference;
import com.sun.xacml.UnknownIdentifierException;
import com.sun.xacml.VersionConstraints;
import com.sun.xacml.finder.PolicyFinder;
......@@ -149,10 +150,11 @@ public class URLPolicyFinderModule extends PolicyFinderModule
* provides XACML version, factories, etc.
*
* @return the result of looking for a matching policy
* @throws UnknownIdentifierException unknown rule combining algorithm ID
*/
public PolicyFinderResult findPolicy(URI idReference, int type,
VersionConstraints constraints,
PolicyMetaData parentMetaData) {
PolicyMetaData parentMetaData) throws UnknownIdentifierException {
// see if the URI is in fact a URL
URL url = null;
try {
......
......@@ -26,6 +26,7 @@ import oasis.names.tc.xacml._3_0.core.schema.wd_17.ObligationExpressions;
import com.sun.xacml.EvaluationCtx;
import com.sun.xacml.MatchResult;
import com.sun.xacml.PolicyMetaData;
import com.sun.xacml.UnknownIdentifierException;
import com.sun.xacml.combine.CombiningAlgorithm;
import com.sun.xacml.ctx.Result;
......@@ -121,5 +122,8 @@ public interface IPolicy
List getChildElements();
/**
* @return combining algorithm (policy combining for PolicySets, rule combining for Policies)
*/
CombiningAlgorithm getCombiningAlg();
}
......@@ -91,11 +91,13 @@ public class Policy extends oasis.names.tc.xacml._3_0.core.schema.wd_17.Policy i
* @param ruleCombiningAlgId
* @param maxDelegationDepth
* @param metadata
* @throws UnknownIdentifierException
* Unknown rule combining algorithm ID
*/
public Policy(String description, oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyIssuer issuer, DefaultsType policyDefault, Target target,
List policyElements, oasis.names.tc.xacml._3_0.core.schema.wd_17.ObligationExpressions obligations,
oasis.names.tc.xacml._3_0.core.schema.wd_17.AdviceExpressions advices, String policyId, String version, String ruleCombiningAlgId,
BigInteger maxDelegationDepth, PolicyMetaData metadata)
BigInteger maxDelegationDepth, PolicyMetaData metadata) throws UnknownIdentifierException
{
this.metaData = metadata;
......@@ -139,16 +141,8 @@ public class Policy extends oasis.names.tc.xacml._3_0.core.schema.wd_17.Policy i
this.ruleCombiningAlgId = ruleCombiningAlgId;
this.maxDelegationDepth = maxDelegationDepth;
CombiningAlgFactory factory = CombiningAlgFactory.getInstance();
try
{
this.ruleCombiningAlg = factory.createAlgorithm(URI.create(this.ruleCombiningAlgId));
} catch (DOMException e)
{
LOGGER.error("Error instantiating algorithm '{}'", this.ruleCombiningAlgId, e);
} catch (UnknownIdentifierException e)
{
LOGGER.error("Error instantiating algorithm '{}'", this.ruleCombiningAlgId, e);
}
this.ruleCombiningAlg = factory.createAlgorithm(URI.create(this.ruleCombiningAlgId));
}
/**
......@@ -157,8 +151,9 @@ public class Policy extends oasis.names.tc.xacml._3_0.core.schema.wd_17.Policy i
*
* @param root
* @return Policy handler
* @throws UnknownIdentifierException unknown rule combining algorithm ID
*/
public static Policy getInstance(Node root)
public static Policy getInstance(Node root) throws UnknownIdentifierException
{
String ruleCombiningAlgId = null;
List policyElements = new ArrayList();
......@@ -357,7 +352,7 @@ public class Policy extends oasis.names.tc.xacml._3_0.core.schema.wd_17.Policy i
if (element instanceof CombinerParametersType)
{
CombinerParametersType jaxbCombinerParams = (CombinerParametersType) element;
combParams.getCombinerParameters().addAll(jaxbCombinerParams.getCombinerParameters());
} else if (element instanceof oasis.names.tc.xacml._3_0.core.schema.wd_17.Rule)
{
......
<?xml version="1.0" encoding="UTF-8"?>
<schema xmlns="http://www.w3.org/2001/XMLSchema" xmlns:xacml="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17"
xmlns:tns="http://authzforce.thalesgroup.com/audit/schema/pdp"
targetNamespace="http://authzforce.thalesgroup.com/audit/schema/pdp"
version="1.0" elementFormDefault="qualified" attributeFormDefault="unqualified">
<schema targetNamespace="http://authzforce.thalesgroup.com/audit/schema/pdp" version="1.0" elementFormDefault="qualified" attributeFormDefault="unqualified" xmlns="http://www.w3.org/2001/XMLSchema" xmlns:xacml="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:tns="http://authzforce.thalesgroup.com/audit/schema/pdp">
<import namespace="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" />
<!-- <element name="AuditLogs"> -->
......@@ -20,17 +17,12 @@
<sequence>
<element name="id" type="string" minOccurs="1" maxOccurs="1" />
<element name="date" type="string" minOccurs="1" maxOccurs="1" />
<element name="request" type="xacml:RequestType" minOccurs="1"
maxOccurs="1" />
<element name="request" type="xacml:RequestType" minOccurs="1" maxOccurs="1" />
<element name="matchPolicieSet" type="tns:AuditedPolicySet"
minOccurs="0" maxOccurs="unbounded" />
<element name="matchedPolicies" type="tns:AuditedPolicy"
minOccurs="1" maxOccurs="unbounded" />
<element name="rules" type="tns:AuditedRule" minOccurs="1"
maxOccurs="unbounded" />
<element name="result" type="tns:AuditedResult" minOccurs="1"
maxOccurs="1" />
<element name="matchPolicieSet" type="tns:AuditedPolicySet" minOccurs="0" maxOccurs="unbounded" />
<element name="matchedPolicies" type="tns:AuditedPolicy" minOccurs="1" maxOccurs="unbounded" />
<element name="rules" type="tns:AuditedRule" minOccurs="1" maxOccurs="unbounded" />
<element name="result" type="tns:AuditedResult" minOccurs="1" maxOccurs="1" />
<element name="subjectId" type="string" minOccurs="1" maxOccurs="1" />
<element name="resourceId" type="string" minOccurs="1" maxOccurs="1" />
......@@ -41,40 +33,30 @@
<complexType name="AuditedPolicySet">
<sequence>
<element name="id" type="string" minOccurs="1" maxOccurs="1" />
<element name="policyCombiningAlgorithm" type="string"
minOccurs="1" maxOccurs="1" />
<element name="policies" type="tns:AuditedPolicy" minOccurs="1"
maxOccurs="unbounded" />
<element name="result" type="tns:AuditedResult" minOccurs="1"
maxOccurs="1" />
<element name="policyCombiningAlgorithm" type="string" minOccurs="1" maxOccurs="1" />
<element name="policies" type="tns:AuditedPolicy" minOccurs="1" maxOccurs="unbounded" />
<element name="result" type="tns:AuditedResult" minOccurs="1" maxOccurs="1" />
</sequence>
</complexType>
<complexType name="AuditedPolicy">
<sequence>
<element name="id" type="string" minOccurs="1" maxOccurs="1" />
<element name="ruleCombiningAlgorithm" type="string"
minOccurs="1" maxOccurs="1" />
<element name="rules" type="tns:AuditedRule" minOccurs="1"
maxOccurs="unbounded" />
<element name="result" type="tns:AuditedResult" minOccurs="1"
maxOccurs="1" />
<element name="ruleCombiningAlgorithm" type="string" minOccurs="1" maxOccurs="1" />
<element name="rules" type="tns:AuditedRule" minOccurs="1" maxOccurs="unbounded" />
<element name="result" type="tns:AuditedResult" minOccurs="1" maxOccurs="1" />
</sequence>
</complexType>
<complexType name="AuditedRule">
<sequence>
<element name="id" type="string" minOccurs="1" maxOccurs="1" />
<element name="resolvedAttributes" type="tns:AuditedAttributesResolved"
minOccurs="0" maxOccurs="unbounded" />
<element name="result" type="tns:AuditedResult" minOccurs="1"
maxOccurs="1" />
<element name="resolvedAttributes" type="tns:AuditedAttributesResolved" minOccurs="0" maxOccurs="unbounded" />
<element name="result" type="tns:AuditedResult" minOccurs="1" maxOccurs="1" />
</sequence>
</complexType>
<complexType name="AuditedAttributesResolved">
<sequence>
<element name="attributeId" type="anyURI" minOccurs="1"
maxOccurs="1" />
<element name="attributeValue" type="xacml:AttributeValueType"
minOccurs="1" maxOccurs="1" />
<element name="attributeId" type="anyURI" minOccurs="1" maxOccurs="1" />
<element name="attributeValue" type="xacml:AttributeValueType" minOccurs="1" maxOccurs="1" />
</sequence>
</complexType>
<simpleType name="AuditedResult">
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment