Commit 35b2a1e3 authored by Cyril Dangerville's avatar Cyril Dangerville

Revert "- Removed NOTICE.txt coming from Sun - Removed RELEASE-NOTES.txt...

Revert "- Removed NOTICE.txt coming from Sun - Removed RELEASE-NOTES.txt because does not correspond to this fiware branch - Removed THIRD-PARTY.properties because not valid - Removed enteprise features (audit with aspectj deps) - Removed log4j conf (switching to logback) - Fixed tests (fixed Apply encode method bug, and commented tests for not yet supported string functions) - Removed XACML 2.0 conformance tests to keep only XACML 3.0"

This reverts commit 9b94a30a.
parent 9b94a30a

Too many changes to show.

To preserve performance only 1000 of 1000+ files are displayed.

Apache AuthZForce
Copyright 2013 The Apache Software Foundation
This product includes software developed at
The Apache Software Foundation (http://www.apache.org/).
\ No newline at end of file
-------------------------
AuthZForce CORE version @version- Release Notes
-------------------------
-------------------
-- Version @version
-------------------
-------------------
-- Version 3.5.2-SNAPSHOT
-------------------
Bug fixed when there were more than one AnyOf and AllOf.
Only the Match element was evaluated with the "match(context)" function
Unitary tests were added to complete and prevent that for happening again
-------------------
-- Version 3.4.2
-------------------
Fixing bug on Rule Algorithm:
- DenyUnlessPermitRuleAlg.java
- PermitUnlessDenyRuleAlg.java.
=> A cast was misplaced and an error occured on the combination of rules
-------------------
-- Version 3.4.0
-------------------
Implementation working with XACML 3.0 requests and policies. Based on OASIS model (xsd)
Artifact name refactored => authzforce-core-authzforce in order to be more clear in the Nexus repository
Partial implementation of the Multi Decision Request. The Multi Request is not implemented yet
Functionnal tests added for XACML 3.0 model. This is actually the OASIS functionnal tests translated to a v3.O model
BasicV3 => OK
BasicFunctionV3 => OK
ConformanceV3 => OK
Implementation of the "Include in result" attribute
Full support of obligations
Full support of advices
Apache 2.0 licence headers added to every source file
Audit log based on annotations for Rule and Policies.
Use @Audit(type = [RULE || POLICY]) over a method returning a result. You can also use @Audit(type = DISPLAY) to display and clear the logs.
Non exhaustif list of improvement and implementation
Combining algorithm
OK urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-unless-permit
OK urn:oasis:names:tc:xacml:3.0:policy-combining-algorithm:deny-unless-permit
OK urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-unless-deny
OK urn:oasis:names:tc:xacml:3.0:policy-combining-algorithm:permit-unless-deny
Functions
OK urn:oasis:names:tc:xacml:3.0:function:string-starts-with
OK urn:oasis:names:tc:xacml:3.0:function:string-ends-with
OK urn:oasis:names:tc:xacml:3.0:function:string-contains
OK urn:oasis:names:tc:xacml:3.0:function:string-substring
-------------------
-- Version 2.1.4
-------------------
Stable version working with XACML 2.0
#
# Copyright (C) ${year} T0101841 <${email}>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# Generated by org.codehaus.mojo.license.AddThirdPartyMojo
#-------------------------------------------------------------------------------
# Already used licenses in project :
# - Apache License Version 2.0
# - BSD-Style License
# - Common Public License Version 1.0
# - New BSD License
# - The Apache Software License, Version 2.0
#-------------------------------------------------------------------------------
# Please fill the missing licenses for dependencies :
#
#
#Tue May 14 09:58:56 CEST 2013
com.thalesgroup.authzforce.core--authzforce-model--3.0.2=
commons-beanutils--commons-beanutils--1.7.0=
commons-collections--commons-collections--2.1=
org.jvnet.jaxb2_commons--runtime--0.4.1.5=
org.jvnet.jaxb2_commons--testing--0.4.1.5=
org.jvnet.jaxb2_commons--tools--0.4.1.5=
xmlunit--xmlunit--1.0=
......@@ -8,17 +8,46 @@
</parent>
<groupId>com.thalesgroup.authzforce.core</groupId>
<artifactId>authzforce-core</artifactId>
<version>FIWARE4.1-SNAPSHOT</version>
<version>3.5.4-SNAPSHOT</version>
<name>AuthZForce :: Core :: XACML Core Implementation</name>
<organization>
<name>Thales Services SAS</name>
</organization>
<description>XACML-compliant Authorization PDP Engine Core</description>
<description>An authorization server that supports XACML, X.509 attributes certificates, SQL and LDAP</description>
<inceptionYear>2011</inceptionYear>
<properties>
<!-- JDK versions for AspectJ -->
<jdk.source>1.7</jdk.source>
<jdk.target>1.7</jdk.target>
<aspectj.version>1.7.4</aspectj.version>
<debug>false</debug>
</properties>
<dependencies>
<!-- Dependencies of audit feature only -->
<dependency>
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>
<groupId>org.aspectj</groupId>
<artifactId>aspectjrt</artifactId>
<version>${aspectj.version}</version>
</dependency>
<dependency>
<groupId>org.codehaus.mojo</groupId>
<artifactId>aspectj-maven-plugin</artifactId>
<version>1.5</version>
</dependency>
<dependency>
<groupId>org.codehaus.jackson</groupId>
<artifactId>jackson-jaxrs</artifactId>
<version>1.9.13</version>
</dependency>
<!-- END dependencies of audit feature -->
<dependency>
<groupId>com.thalesgroup.appsec</groupId>
<artifactId>thales-appsec-common-utils</artifactId>
<version>0.1</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.ws</groupId>
......@@ -28,6 +57,11 @@
<groupId>net.sf.ehcache</groupId>
<artifactId>ehcache</artifactId>
</dependency>
<!-- <dependency> -->
<!-- <groupId>org.yaml</groupId> -->
<!-- <artifactId>snakeyaml</artifactId> -->
<!-- <version>1.11</version> -->
<!-- </dependency> -->
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-core</artifactId>
......@@ -39,16 +73,6 @@
<artifactId>xml-resolver</artifactId>
<version>1.2</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>1.0.10</version>
</dependency>
<dependency>
<groupId>com.thalesgroup.appsec</groupId>
<artifactId>thales-appsec-common-utils</artifactId>
<version>0.1</version>
</dependency>
<!-- Authzforce dependencies -->
<dependency>
<groupId>com.thalesgroup.authzforce</groupId>
......@@ -57,6 +81,13 @@
<!-- /Authzforce dependencies -->
<!-- Test dependencies -->
<!-- FIXME: Dependency no longer used. Remove it? -->
<!-- <dependency> -->
<!-- <groupId>org.jvnet.jaxb2_commons</groupId> -->
<!-- <artifactId>testing</artifactId> -->
<!-- <version>0.4.1.5</version> -->
<!-- <scope>test</scope> -->
<!-- </dependency> -->
<dependency>
<groupId>commons-jxpath</groupId>
<artifactId>commons-jxpath</artifactId>
......@@ -70,6 +101,17 @@
<scope>test</scope>
</dependency>
<!-- /Test dependencies -->
<!-- Uncoment dependency below to use log4j as SLFJ implementation for test logs -->
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>1.0.10</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
......@@ -146,6 +188,69 @@
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>aspectj-maven-plugin</artifactId>
<version>1.5</version>
<dependencies>
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjtools</artifactId>
<version>${aspectj.version}</version>
</dependency>
</dependencies>
<executions>