Skip to content
  1. Dec 01, 2023
  2. Feb 07, 2022
  3. Feb 02, 2022
    • cdanger's avatar
      - Fixed #62: Refactor BasePdpEngine - Move the standardEnvironmentAttribute*... · 508e918b
      cdanger authored
      - Fixed #62: Refactor BasePdpEngine - Move the standardEnvironmentAttribute* code (providing current-time/dateTime/date attributes not present in the request) to dedicated AttributeProvider -> new PDP XSD and new built-in AttributeProvider: `StandardEnvironmentAttributeProvider` class
      - authzforce-ce-parent upgraded to 8.1.0
      - Authzfoce-ce-core-pdp-api upgraded to 19.0.0: applied API changes:
      ### Changed
      - AttributeProvider interface removed, existing NamedAttributeProvider used instead
      - `authzforce-ce-parent` version: 8.1.0
      - Improved support of Multiple Decision Profile in the `PdpEngine` interface and the following types of PDP extensions:  Combining Algorithm, Function, Attribute Provider, Policy Provider. The corresponding interfaces (`CombiningAlg`...) have changed: certain of their methods - called during request evaluation - now take a new `Optional<EvaluationContext>` parameter which is used to pass the MDP evaluation context (MDP = Multiple Decision Profile) which is an evaluation context shared across all the Individual Decision Requests within the same Multiple Decision Request whenever MDP is used in the input request to the PDP. This enables all PDP extensions to be aware / provide better support of the Multiple Decision Profile. This may be used in particular by an Attribute Provider providing the standard current-time/current-date/current-dateTime attributes which should have the same values for all Individual Decision Requests corresponding to the same Multiple Decision Request.
      - `DecisionRequest` and `EvaluationContext` interfaces changed:
        - New method `getCreationTimestamp()`: provides the date/time of the request/context creation. Used typically for the standard current-* attributes.
        - `putNamedAttributeValueIfAbsent(AttributeFqn, AttributeBag)` replaced with more generic `putNamedAttributeValue(AttributeFqn, AttributeBag, boolean override)`
      
      ### Added
      - Attribute Provider (`NamedAttributeProvider`) interface: added 2 new methods for better support of the Multiple Decision Profile (all implemented by default to do nothing):
      
          - `beginMultipleDecisionRequest(EvaluationContext mdpContext)`: for special processing in the context of the MDP request (before corresponding Individual Decision requests are evaluated)
          - `supportsBeginMultipleDecisionRequest()`: indicates whether the Attribute Provider implements `beginMultipleDecisionRequest()` method and therefore needs the PDP engine to call it when a new MDP request is evaluated
          - `beginIndividualDecisionRequest(EvaluationContext individualDecisionContext, Optional<EvaluationContext> mdpContext)`: for special processing in the context of an Individual Decision request, before it is evaluated against policies (before the `get(attribute)` method is ever called for the individual decision request).
          - `supportsBeginIndividualDecisionRequest()`: indicates whether the Attribute Provider implements `beginIndividualDecisionRequest()` method and therefore needs the PDP engine to call it when a new individual decision request is evaluated.
      
      - PdpBean#evaluate(...), PdpEngine#evaluate(...) and all *Evaluator#evaluate(...) method takes a new `Optional<EvaluationContext>` parameter to support the new MDP evaluation context when MDP (Multiple Decision profile) is used
      - Moved the OSS PDP benchmark (authzforce, at&t xacml and wso2 balana) to a separate maven module
      - Obsoleted .travis.yml replaced with GitHub Action
      - Replaced ModularAttributeProvider with new CloseableNamedAttributeProviderRegistry, EvaluationContextBased*NamedAttributeProvider classes
      - Updated all tests pdp.xml (PDP configs) to new XSD
      - Added Migration (from 17.x to 18.x) instructions with new `migration` folder containing migration XSLT stylesheets and new XSLT for migrating PDP config to XSD v8: pdp-xsd-v7.xsl
      - pdp-testutils module: upgraded jongo dependency to 1.5.0, mongo-java-driver to 3.12.10
      - New StandardResourceAttribute/StandardSubjectAttribute enums for standard resource/suject attributes with standard-fixed datatype
      - pdp-cli: Upgraded picocli to 4.6.2, testng to 7.5
      508e918b
  4. Jun 23, 2020
    • Antoine Mottier's avatar
      Add Java 8 requirement for building using Maven · 6e38c7b8
      Antoine Mottier authored
      java.xml.bind is no longer part of Java SE (starting with version 11, was disable by default in version 10).
      This change make the build fail if using Java 11.
      I added a note in the "Building the project" section to warn the user.
      Long term solution would be to update the project dependency to add the missing library.
      6e38c7b8
  5. Jun 15, 2020
  6. Nov 25, 2017
    • cdanger's avatar
      - Upgraded parent project version: 6.0.0 -> 7.0.0 · 5e371980
      cdanger authored
      - Upgraded dependencies: core-pdp-api: 11.0.0 ->12.0.0
      - Changed PDP XSD: 5.0.0 -> 6.0.0
      	- Attribute badRequestStatusDetailLevel ->
      clientRequestErrorVerbosityLevel
      	- Attribute requestFilter/resultFilter attributes -> element
      ioProcChain* (InOutProcChain: pair of request/response processors)
      	- Added maxIntegerValue attribute to help the PDP engine optimize
      processing of integer values (choice between Java integer
      implementations, i.e. BigInteger, Long, Integer)
      - Changed naming convention for class names with acronym(s) (only first
      letter should be uppercase), e.g. PolicyPOJO -> PolicyPojo	
      - Added module pdp-cli for PDP command-line interface, produces an
      executable jar allowing to test PDP engine on the command line
      - Added module pdp-io-xacml-json for PDP extensions processing
      (request/result pre/postprocessors) formats defined by JSON Profile of
      XACML 3.0, with OASIS XACML 3.0 conformance tests auto-converted (from
      XML) to JSON; therefore also provides XSLT sheets for transforming
      XACML/XML requests/responses to XACML/JSON
      - Adapted BasePdpEngine to new PdpEngine interface, i.e. agnostic of
      serialization format, e.g. XACML/XML specific part moved to separate
      PdpEngineInoutAdapter implementation
      - XACML/JAXB RequestFilters become RequestPreprocessors:
      	- DefaultRequestFilter -> SingleDecisionXacmlJaxbRequestPreprocessor
      	- MultiDecisionRequestFilter ->
      MultiDecisionXacmlJaxbRequestPreprocessor
      - PdpEngineAdapters utility class to help instantiate
      XACML/JAXB-supporting PDP engines
      - Added PdpEngineConfiguration utility class to simplify instantiation
      of BasePdpEngine from pdp.xml
      - Renamed PdpExtensionLoader -> PdpExtensions
      - Renamed CoreRefBasedRootPolicyProviderModule ->
      CoreRefBasedRootPolicyProvider
      - Renamed CoreRefPolicyProviderModule -> CoreRefPolicyProvider
      - Renamed CoreRootPolicyProviderModule -> CoreRootPolicyProvider
      - Renamed MongoDBRefPolicyProviderModule -> MongoDbRefPolicyProvider
      - StaticApplicablePolicyView -> FlattenedPolicyTree
      - ImmutableDatatypeFactoryRegistry ->
      ImmutableAttributeValueFactoryRegistry
      - StandardDatatypeFactoryRegistry -> StandardAttributeValueFactories
      - PDP extensions
      5e371980
  7. Oct 10, 2017
  8. Sep 03, 2016
  9. Apr 07, 2016
  10. Nov 24, 2015