Commit 4275dcee authored by Cyril Dangerville

- Upgraded to latest version of authzforce-parent

- Use maven property for git repo (inherited from parent pom)
- Fixed buggy configuration of maven-jaxb2-plugin after upgrading to
latest version of the plugin
- Removed no longer used AuditLogs.xsd
parent 1d4777e2
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>com.thalesgroup.authzforce</groupId>
<artifactId>authzforce-parent</artifactId>
<version>3.0.3</version>
<version>3.0.6</version>
</parent>
<artifactId>authzforce-core</artifactId>
<version>3.5.7-SNAPSHOT</version>
......@@ -15,12 +16,12 @@
<inceptionYear>2011</inceptionYear>
<scm>
<!-- Used by Jenkins - Maven release plugin -->
<connection>scm:git:https://foyer.dev.theresis.org/authzforce/core.git</connection>
<developerConnection>scm:git:https://foyer.dev.theresis.org/authzforce/core.git</developerConnection>
<connection>scm:git:${scm.baseUrl}/core.git</connection>
<developerConnection>scm:git:${scm.baseUrl}/core.git</developerConnection>
<tag>HEAD</tag>
<!-- Publicly browsable repository URL. For example, via Gitlab web UI. -->
<url>https://foyer.dev.theresis.org/authzforce/core</url>
<url>${scm.baseUrl}/core</url>
</scm>
<properties>
<!-- JDK versions for AspectJ -->
......@@ -65,7 +66,6 @@
<!-- Used for DOM parsing / XPath evaluation -->
<groupId>com.thalesgroup.appsec</groupId>
<artifactId>thales-appsec-common-utils</artifactId>
<version>0.1</version>
</dependency>
<!-- Authzforce dependencies -->
<dependency>
......@@ -175,26 +175,6 @@
<goal>check</goal>
</goals>
</execution>
<execution>
<id>add-license-headers</id>
<phase>process-sources</phase>
<goals>
<goal>format</goal>
</goals>
<configuration>
<properties>
<!-- Values to be substituted in template -->
<inceptionYear>${project.inceptionYear}</inceptionYear>
<currentYear>${currentYear}</currentYear>
<copyrightOwner>${project.organization.name}</copyrightOwner>
</properties>
<header>license/thales.txt</header>
<strictCheck>true</strictCheck>
<includes>
<include>src/com/thalesgroup/authzforce/audit/**</include>
</includes>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
......@@ -205,27 +185,29 @@
<debug>false</debug>
<verbose>true</verbose>
<extension>true</extension>
<useDependenciesAsEpisodes>true</useDependenciesAsEpisodes>
<strict>false</strict>
<!-- Episodes: Only episodes for schemas referenced (imported/included) by schema(s) in schemaDirectory
can be listed here. If not possible, just create an empty schema in schemaDirectory which imports all
the episode elements but does nothing with them. -->
<!-- <episodes> -->
<!-- </episodes> -->
<plugins>
<plugin>
<groupId>com.thalesgroup.ktd.scis</groupId>
<artifactId>oasis-xacml-model</artifactId>
</plugin>
<plugin>
<groupId>com.thalesgroup.authzforce</groupId>
<artifactId>authzforce-core-model</artifactId>
</plugin>
</plugins>
<useDependenciesAsEpisodes>true</useDependenciesAsEpisodes>
<bindingDirectory>src/main/resources</bindingDirectory>
<catalog>src/main/resources/catalog.xml</catalog>
<catalogResolver>org.jvnet.jaxb2.maven2.resolver.tools.ClasspathCatalogResolver</catalogResolver>
<!-- <plugins> -->
<!-- <plugin> -->
<!-- <groupId>com.thalesgroup.ktd.scis</groupId> -->
<!-- <artifactId>oasis-xacml-model</artifactId> -->
<!-- </plugin> -->
<!-- <plugin> -->
<!-- <groupId>com.thalesgroup.authzforce</groupId> -->
<!-- <artifactId>authzforce-core-model</artifactId> -->
<!-- </plugin> -->
<!-- </plugins> -->
<catalog>src/main/jaxb/catalog.xml</catalog>
<removeOldOutput>true</removeOldOutput>
<bindingDirectory>src/main/jaxb</bindingDirectory>
<bindingIncludes>
<include>bindings.xjb</include>
</bindingIncludes>
</configuration>
<executions>
<execution>
......@@ -253,7 +235,7 @@
</configuration>
</execution>
</executions>
</plugin>
</plugin>
<!-- Maven compiler configuration -->
<plugin>
<artifactId>maven-compiler-plugin</artifactId>
......
......@@ -120,10 +120,10 @@ public class Apply extends ApplyType implements Evaluatable
} catch (URISyntaxException use) {
throw new ParsingException("Error parsing Apply", use);
} catch (UnknownIdentifierException uie) {
throw new ParsingException("Unknown FunctionId", uie);
throw new ParsingException("Unknown Apply FunctionId: " + xacmlApply.getFunctionId(), uie);
} catch (FunctionTypeException fte) {
// try to create an abstract function
throw new ParsingException("Unsupported function: " + xacmlApply.getFunctionId(), fte);
throw new ParsingException("Unsupported Apply function type (FunctionId=" + xacmlApply.getFunctionId()+")", fte);
}
for(final JAXBElement<? extends ExpressionType> exprElt: xacmlApply.getExpressions()) {
......
......@@ -98,9 +98,8 @@ public class SimplePDP
// Create the two static modules with the given policies so that
// we have context-based and reference-based access to all the
// policies provided on the command-line
List policyList = Arrays.asList(policies);
StaticPolicyFinderModule staticModule = new StaticPolicyFinderModule(PermitOverridesPolicyAlg.algId, policyList);
StaticRefPolicyFinderModule staticRefModule = new StaticRefPolicyFinderModule(policyList);
StaticPolicyFinderModule staticModule = new StaticPolicyFinderModule(PermitOverridesPolicyAlg.algId, policies);
StaticRefPolicyFinderModule staticRefModule = new StaticRefPolicyFinderModule(policies);
// also create a module that lets us get at URL-based policies
URLPolicyFinderModule urlModule = new URLPolicyFinderModule();
......
......@@ -38,17 +38,12 @@ import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.util.List;
import javax.xml.XMLConstants;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
import javax.xml.validation.Schema;
import javax.xml.validation.SchemaFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xml.sax.SAXException;
import com.sun.xacml.EvaluationCtx;
import com.sun.xacml.ParsingException;
......@@ -92,14 +87,11 @@ public class StaticPolicyFinderModule extends PolicyFinderModule<AbstractPolicyF
{
// the list of policy URLs/filenames passed to the constructor
private List<String> policyList;
private String[] policyLocations;
// the map of policies
private PolicyCollection policies;
// the optional schema
private final Schema schema;
// the policy identifier for any policy sets we dynamically create
private static final String POLICY_ID = "urn:com:sun:xacml:support:finder:dynamic-policy-set";
private static URI policyId = null;
......@@ -132,60 +124,10 @@ public class StaticPolicyFinderModule extends PolicyFinderModule<AbstractPolicyF
* a <code>List</code> of <code>String</code>s that represent URLs or files pointing
* to XACML policies
*/
public StaticPolicyFinderModule(List<String> policyList)
{
this.policyList = policyList;
this.policies = new PolicyCollection();
final String schemaFilename = System.getProperty(PolicyReader.POLICY_SCHEMA_PROPERTY);
if (schemaFilename == null)
{
schema = null;
} else
{
final SchemaFactory schemaFactory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
try
{
schema = schemaFactory.newSchema(new File(schemaFilename));
} catch (SAXException e)
{
throw new IllegalArgumentException("Unable to load policy validation schema from file defined by system property '"
+ PolicyReader.POLICY_SCHEMA_PROPERTY + "': '" + schemaFilename + "'", e);
}
}
}
/**
* Creates a <code>StaticPolicyFinderModule</code> that provides access to the given collection
* of policies and returns an error when more than one policy matches a given context. Any
* policy that cannot be loaded will be noted in the log, but will not cause an error.
*
* @param policyList
* a <code>List</code> of <code>String</code>s that represent URLs or files pointing
* to XACML policies
* @param schemaFilename
* the schema file to validate policies against, or null if schema validation is not
* desired
*/
public StaticPolicyFinderModule(List<String> policyList, String schemaFilename)
public StaticPolicyFinderModule(String[] policyList)
{
this.policyList = policyList;
this.policyLocations = policyList;
this.policies = new PolicyCollection();
if (schemaFilename == null)
{
schema = null;
} else
{
final SchemaFactory schemaFactory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
try
{
schema = schemaFactory.newSchema(new File(schemaFilename));
} catch (SAXException e)
{
throw new IllegalArgumentException("Unable to load policy validation schema from file: '" + schemaFilename + "'", e);
}
}
}
/**
......@@ -207,74 +149,13 @@ public class StaticPolicyFinderModule extends PolicyFinderModule<AbstractPolicyF
* @throws UnknownIdentifierException
* if the combining algorithm identifier isn't known
*/
public StaticPolicyFinderModule(String combiningAlg, List<String> policyList) throws URISyntaxException, UnknownIdentifierException
public StaticPolicyFinderModule(String combiningAlg, String[] policyList) throws URISyntaxException, UnknownIdentifierException
{
PolicyCombiningAlgorithm alg = combiningAlg == null ? null : (PolicyCombiningAlgorithm) (CombiningAlgFactory.getInstance()
.createAlgorithm(new URI(combiningAlg)));
this.policyList = policyList;
this.policies = new PolicyCollection(alg, policyId);
final String schemaFilename = System.getProperty(PolicyReader.POLICY_SCHEMA_PROPERTY);
if (schemaFilename == null)
{
schema = null;
} else
{
final SchemaFactory schemaFactory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
try
{
schema = schemaFactory.newSchema(new File(schemaFilename));
} catch (SAXException e)
{
throw new IllegalArgumentException("Unable to load policy validation schema from file defined by system property '"
+ PolicyReader.POLICY_SCHEMA_PROPERTY + "': '" + schemaFilename + "'", e);
}
}
}
/**
* Creates a <code>StaticPolicyFinderModule</code> that provides access to the given collection
* of policies. The given combining algorithm is used to create new PolicySets when more than
* one policy applies. Any policy that cannot be loaded will be noted in the log, but will not
* cause an error.
*
* @param combiningAlg
* the algorithm to use in a new PolicySet when more than one policy applies
* @param policyList
* a <code>List</code> of <code>String</code>s that represent URLs or files pointing
* to XACML policies
* @param schemaFilename
* the schema file to validate policies against, or null if schema validation is not
* desired
*
* @throws URISyntaxException
* if the combining algorithm is not a well-formed URI
* @throws UnknownIdentifierException
* if the combining algorithm identifier isn't known
*/
public StaticPolicyFinderModule(String combiningAlg, List<String> policyList, String schemaFilename) throws URISyntaxException,
UnknownIdentifierException
{
PolicyCombiningAlgorithm alg = (PolicyCombiningAlgorithm) (CombiningAlgFactory.getInstance().createAlgorithm(new URI(combiningAlg)));
this.policyList = policyList;
this.policyLocations = policyList;
this.policies = new PolicyCollection(alg, policyId);
if (schemaFilename == null)
{
schema = null;
} else
{
final SchemaFactory schemaFactory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
try
{
schema = schemaFactory.newSchema(new File(schemaFilename));
} catch (SAXException e)
{
throw new IllegalArgumentException("Unable to load policy validation schema from file: '" + schemaFilename + "'", e);
}
}
}
@Override
......@@ -289,23 +170,20 @@ public class StaticPolicyFinderModule extends PolicyFinderModule<AbstractPolicyF
// now that we have the PolicyFinder, we can load the policies
// PolicyReader reader = new PolicyReader(finder, LOGGER, schemaFile);
final File baseDir = finder.getBaseDirectory();
for (final String policyLocation : policyList)
for (final String policyLocation : policyLocations)
{
Object jaxbObj;
final Unmarshaller unmarshaller;
try
{
unmarshaller = PdpModelHandler.XACML_3_0_JAXB_CONTEXT.createUnmarshaller();
unmarshaller = PdpModelHandler.createXacml3Unmarshaller();
} catch (JAXBException e1)
{
throw new IllegalArgumentException("Failed to create JAXB marshaller for unmarshalling Policy XML document", e1);
}
unmarshaller.setSchema(schema);
try
{
// first try to load it as a Spring resource
final URL url = ResourceUtils.getResourceURL(policyLocation);
if (url == null)
{
......@@ -315,16 +193,18 @@ public class StaticPolicyFinderModule extends PolicyFinderModule<AbstractPolicyF
jaxbObj = unmarshaller.unmarshal(url);
} catch (IOException ioe)
{
LOGGER.info("Failed to load policy location {} as Spring resource. Loading as file relative to PDP configuration directory",
policyLocation);
LOGGER.info("Cannot load policy from location '{}' as Spring resource -> loading as simple file path...", policyLocation);
// assume that this is a filename, and try again
final File file = new File(policyLocation);
final File policyFile;
if (!file.isAbsolute() && baseDir != null)
{
LOGGER.info("Policy location '{}' is not absolute file path -> loading as relative to PDP configuration directory: '{}'",
policyLocation, baseDir);
policyFile = new File(baseDir, policyLocation);
} else
{
LOGGER.info("Loading policy location '{}' as absolute file path", policyLocation, baseDir);
policyFile = file;
}
......
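Review bot: In the file-path fallback, the log call `LOGGER.info("Loading policy location '{}' as absolute file path", policyLocation, baseDir);` passes two arguments for one placeholder, and its `else` branch is also reached when the location is relative and `baseDir` is null. In that case the file resolves against the JVM working directory, so the message is wrong exactly when the origin of a policy is least obvious. For a PDP the log should name the file actually read, so I would log after `policyFile` is assigned: `LOGGER.info("Loading policy from file '{}'", policyFile.getAbsolutePath());`. Separately, both constructors keep the caller's array by reference (`this.policyLocations = policyList;`); storing a copy would stop later writes to that array from changing which policies are loaded at init. The loading method starts and ends outside the visible hunks.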
......@@ -33,13 +33,12 @@
*/
package com.sun.xacml.support.finder;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URL;
import java.util.List;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
import javax.xml.validation.Schema;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
......@@ -87,20 +86,17 @@ public class StaticRefPolicyFinderModule extends PolicyFinderModule<AbstractPoli
* make reference to another one which has to be previously defined. Not null only if the finder
* module is initialized from locations of XACML <PolicySet>s.
*/
private final List<URL> policyLocationList;
private final String[] policyLocations;
/*
* List of <PolicySet>s. Not null only if the finder module is initialized directly from XACML
* <PolicySet>s (JAXB).
*/
private final List<oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicySet> policySetList;
private final oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicySet[] policySets;
// the map of policies
private final PolicyCollection policies;
// the optional schema
private final Schema schema;
// the LOGGER we'll use for all messages
private static final Logger LOGGER = LoggerFactory.getLogger(StaticRefPolicyFinderModule.class);
......@@ -110,12 +106,11 @@ public class StaticRefPolicyFinderModule extends PolicyFinderModule<AbstractPoli
* @param policySets
* a <code>List</code> of XACML <PolicySet>s
*/
public StaticRefPolicyFinderModule(List<oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicySet> policySets)
public StaticRefPolicyFinderModule(oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicySet[] policySets)
{
this.policySetList = policySets;
this.policySets = policySets;
this.policies = new PolicyCollection();
this.policyLocationList = null;
this.schema = null;
this.policyLocations = null;
}
/**
......@@ -125,16 +120,12 @@ public class StaticRefPolicyFinderModule extends PolicyFinderModule<AbstractPoli
* @param policyLocations
* a <code>List</code> of <code>URL</code>s that represent URLs or files pointing to
* XACML policies
* @param xacmlSchema
* the schema file to validate policies against, or null if schema validation is not
* desired
*/
public StaticRefPolicyFinderModule(List<URL> policyLocations, Schema xacmlSchema)
public StaticRefPolicyFinderModule(String[] policyLocations)
{
this.policyLocationList = policyLocations;
this.policyLocations = policyLocations;
this.policies = new PolicyCollection();
this.schema = xacmlSchema;
this.policySetList = null;
this.policySets = null;
}
/**
......@@ -197,9 +188,9 @@ public class StaticRefPolicyFinderModule extends PolicyFinderModule<AbstractPoli
/*
* Try loading from JAXB <PolicySet>s first.
*/
if (policySetList != null)
if (policySets != null)
{
for (final oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicySet policySet : policySetList)
for (final oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicySet policySet : policySets)
{
final IPolicy policyInstance = getPolicyInstanceFromJaxb(policySet, finder);
if (!policies.addPolicy(policyInstance))
......@@ -212,22 +203,30 @@ public class StaticRefPolicyFinderModule extends PolicyFinderModule<AbstractPoli
}
// Else load from list of policy locations
for (final URL policyLocation : policyLocationList)
for (final String policyLocation : policyLocations)
{
final URL policyURL;
try
{
policyURL = new URL(policyLocation);
} catch (MalformedURLException e)
{
throw new IllegalArgumentException("Invalid policy URL: " + policyLocation, e);
}
Object jaxbObj;
final Unmarshaller unmarshaller;
try
{
unmarshaller = PdpModelHandler.XACML_3_0_JAXB_CONTEXT.createUnmarshaller();
unmarshaller = PdpModelHandler.createXacml3Unmarshaller();
} catch (JAXBException e1)
{
throw new IllegalArgumentException("Failed to create JAXB marshaller for unmarshalling Policy XML document", e1);
}
unmarshaller.setSchema(schema);
try
{
jaxbObj = unmarshaller.unmarshal(policyLocation);
jaxbObj = unmarshaller.unmarshal(policyURL);
} catch (JAXBException e)
{
throw new IllegalArgumentException("Failed to unmarshall Policy XML document from policy location: " + policyLocation, e);
......
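Review bot: The location loop now runs `policyURL = new URL(policyLocation)` on every entry, so a plain file path or Spring resource location fails with `IllegalArgumentException`. StaticPolicyFinderModule resolves the same kind of string through `ResourceUtils.getResourceURL` with a file fallback, and SimplePDP in this commit hands the same `policies` array to both modules, so if those are file names the reference module will reject them. `new URL` also accepts any scheme the JVM has a handler for, including plain `http`; if remote policies are not intended, compare `policyURL.getProtocol()` with the schemes you expect before unmarshalling. The Javadoc of both constructors still describes a `List` although the parameters are now arrays; for the second I would write `@param policyLocations URLs (as strings) of XACML PolicySet documents`. The loading method continues outside the hunk.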
......@@ -334,10 +334,11 @@ public class PdpConfigurationManager
if (policyFinderConf instanceof StaticPolicyFinder)
{
final StaticPolicyFinder staticPolicyFinderConf = (StaticPolicyFinder) policyFinderConf;
final List<String> policyLocations = staticPolicyFinderConf.getPolicyLocations();
try
{
policyFinderModule = new StaticPolicyFinderModule(staticPolicyFinderConf.getCombiningAlgId(),
staticPolicyFinderConf.getPolicyLocations());
policyLocations.toArray(new String[policyLocations.size()]));
} catch (URISyntaxException | UnknownIdentifierException e)
{
throw new IllegalArgumentException("Invalid StaticPolicyFinder configuration", e);
......@@ -345,18 +346,8 @@ public class PdpConfigurationManager
} else if (policyFinderConf instanceof StaticRefPolicyFinder)
{
final StaticRefPolicyFinder staticRefPolicyFinderConf = (StaticRefPolicyFinder) policyFinderConf;
final List<URL> policyURLs = new ArrayList<>();
for (final String policyLocation : staticRefPolicyFinderConf.getPolicyLocations())
{
try
{
policyURLs.add(new URL(policyLocation));
} catch (MalformedURLException e)
{
throw new IllegalArgumentException("Invalid StaticRefPolicyFinder configuration: policyLocation is not a valid URL", e);
}
}
policyFinderModule = new StaticRefPolicyFinderModule(policyURLs, PdpModelHandler.XACML_3_0_SCHEMA);
final List<String> policyLocations = staticRefPolicyFinderConf.getPolicyLocations();
policyFinderModule = new StaticRefPolicyFinderModule(policyLocations.toArray(new String[policyLocations.size()]));
} else
{
policyFinderModule = PdpExtensionFactory.getInstance(policyFinderConf);
......
......@@ -145,6 +145,18 @@ public class PdpModelHandler
// files at the root of the classpath)
// private final List<String> extSchemaLocations = new ArrayList<>();
private final JAXBContext confJaxbCtx;
/**
* Creates XACML 3.0 XML Unmarshaller with XACML 3.0 schema validation
* @return unmarshaller
* @throws JAXBException
*/
public static Unmarshaller createXacml3Unmarshaller() throws JAXBException
{
final Unmarshaller unmarshaller = XACML_3_0_JAXB_CONTEXT.createUnmarshaller();
unmarshaller.setSchema(XACML_3_0_SCHEMA);
return unmarshaller;
}
/**
* Load Configuration model handler. Parameters here are locations to XSD files. Locations can
......
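Review bot: `createXacml3Unmarshaller()` calls `unmarshaller.setSchema(XACML_3_0_SCHEMA)` without checking the field, and `Unmarshaller.setSchema(null)` switches validation off, so a null constant would let the policy finders parse policies unvalidated with no error. How `XACML_3_0_SCHEMA` is initialised is outside this hunk; if it can be null, fail closed before `setSchema` with `if (XACML_3_0_SCHEMA == null) { throw new IllegalStateException("XACML 3.0 schema not loaded"); }`. Since the finder modules no longer carry their own schema, the Javadoc should state that the returned unmarshaller always validates against the XACML 3.0 schema and should fill in the empty tag, e.g. `@throws JAXBException if the unmarshaller cannot be created from the XACML 3.0 JAXB context`.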
......@@ -37,7 +37,7 @@ import org.springframework.core.io.Resource;
public class ResourceUtils
{
private static final DefaultResourceLoader RESOURCE_LOADER = new DefaultResourceLoader();
private static final Logger LOGGER = LoggerFactory.getLogger(SchemaHandler.class);
private static final Logger LOGGER = LoggerFactory.getLogger(ResourceUtils.class);
/**
* Get resource URL from Spring-supported resource location
......@@ -51,14 +51,14 @@ public class ResourceUtils
final Resource resource = RESOURCE_LOADER.getResource(loc);
if (resource == null || !resource.exists())
{
LOGGER.warn("No resource '" + loc + "' is available");
LOGGER.info("Resource '" + loc + "' null or does not exist");
return null;
}
final URL url = resource.getURL();
if (url == null)
{
LOGGER.warn("Resource " + loc + " could not be resolved to a URL");
LOGGER.info("Resource " + loc + " could not be resolved to a URL");
}
return url;
......
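Review bot: The two changed log calls still build their message by concatenation (`"Resource '" + loc + "' null or does not exist"`), unlike the `{}` placeholders used in StaticPolicyFinderModule in this same commit. I would write `LOGGER.info("Resource '{}' null or does not exist", loc);` and `LOGGER.info("Resource '{}' could not be resolved to a URL", loc);`. Lowering these from WARN to INFO is reasonable while the caller falls back to a file path, but a policy location that resolves nowhere is then only reported at INFO here, so the caller should warn or fail when its fallback also misses. The method's signature and Javadoc are only partly inside the hunk.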
<?xml version="1.0" encoding="UTF-8"?>
<schema targetNamespace="http://authzforce.thalesgroup.com/audit/schema/pdp" version="1.0" elementFormDefault="qualified" attributeFormDefault="unqualified" xmlns="http://www.w3.org/2001/XMLSchema" xmlns:xacml="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:tns="http://authzforce.thalesgroup.com/audit/schema/pdp">
<import namespace="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" />
<!-- <element name="AuditLogs"> -->
<!-- <complexType> -->
<!-- <sequence> -->
<!-- <sequence minOccurs="0" maxOccurs="unbounded"> -->
<!-- <element type="tns:AuditLog" name="auditLog" minOccurs="0" /> -->
<!-- </sequence> -->
<!-- </sequence> -->
<!-- </complexType> -->
<!-- </element> -->
<element name="AuditLog">
<complexType>
<sequence>
<element name="id" type="string" minOccurs="1" maxOccurs="1" />
<element name="date" type="string" minOccurs="1" maxOccurs="1" />
<element name="request" type="xacml:RequestType" minOccurs="1" maxOccurs="1" />
<element name="matchPolicieSet" type="tns:AuditedPolicySet" minOccurs="0" maxOccurs="unbounded" />
<element name="matchedPolicies" type="tns:AuditedPolicy" minOccurs="1" maxOccurs="unbounded" />
<element name="rules" type="tns:AuditedRule" minOccurs="1" maxOccurs="unbounded" />
<element name="result" type="tns:AuditedResult" minOccurs="1" maxOccurs="1" />
<element name="subjectId" type="string" minOccurs="1" maxOccurs="1" />
<element name="resourceId" type="string" minOccurs="1" maxOccurs="1" />
<element name="actionId" type="string" minOccurs="1" maxOccurs="1" />
</sequence>
</complexType>
</element>
<complexType name="AuditedPolicySet">
<sequence>
<element name="id" type="string" minOccurs="1" maxOccurs="1" />
<element name="policyCombiningAlgorithm" type="string" minOccurs="1" maxOccurs="1" />
<element name="policies" type="tns:AuditedPolicy" minOccurs="1" maxOccurs="unbounded" />
<element name="result" type="tns:AuditedResult" minOccurs="1" maxOccurs="1" />
</sequence>
</complexType>
<complexType name="AuditedPolicy">
<sequence>
<element name="id" type="string" minOccurs="1" maxOccurs="1" />
<element name="ruleCombiningAlgorithm" type="string" minOccurs="1" maxOccurs="1" />
<element name="rules" type="tns:AuditedRule" minOccurs="1" maxOccurs="unbounded" />
<element name="result" type="tns:AuditedResult" minOccurs="1" maxOccurs="1" />
</sequence>
</complexType>
<complexType name="AuditedRule">
<sequence>
<element name="id" type="string" minOccurs="1" maxOccurs="1" />
<element name="resolvedAttributes" type="tns:AuditedAttributesResolved" minOccurs="0" maxOccurs="unbounded" />
<element name="result" type="tns:AuditedResult" minOccurs="1" maxOccurs="1" />
</sequence>
</complexType>
<complexType name="AuditedAttributesResolved">
<sequence>
<element name="attributeId" type="anyURI" minOccurs="1" maxOccurs="1" />
<element name="attributeValue" type="xacml:AttributeValueType" minOccurs="1" maxOccurs="1" />
</sequence>
</complexType>
<simpleType name="AuditedResult">
<restriction base="string">
<enumeration value="Permit" />
<enumeration value="Deny" />
<enumeration value="Indeterminate" />
<enumeration value="NotApplicable" />
</restriction>
</simpleType>
</schema>
\ No newline at end of file
<?xml version="1.0" encoding="UTF-8"?>
<jaxb:bindings xmlns:jaxb="http://java.sun.com/xml/ns/jaxb"
xmlns:xjc="http://java.sun.com/xml/ns/jaxb/xjc"
jaxb:extensionBindingPrefixes="xjc" jaxb:version="2.1">
<jaxb:globalBindings generateMixedExtensions="true" fixedAttributeAsConstantProperty="true">
<xjc:simple />
</jaxb:globalBindings>
</jaxb:bindings>
\ No newline at end of file
<?xml version="1.0" encoding="UTF-8"?>
<catalog xmlns="urn:oasis:names:tc:entity:xmlns:xml:catalog">
<system systemId="http://www.w3.org/2001/xml.xsd" uri="classpath:xml.xsd" />
<!-- For Maven JAXB plugin -->
<public publicId="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" uri="classpath:xacml-core-v3-schema-wd-17.xsd" />
<public publicId="http://thalesgroup.com/authz/model/ext/3.0" uri="classpath:authz-ext-base.xsd" />
<!-- For AuthZForce SchemaHandler (more precisely: imported CXF OASISCatalogManager) -->
<uri name="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" uri="classpath:xacml-core-v3-schema-wd-17.xsd"/>
<uri name="http://thalesgroup.com/authz/model/ext/3.0" uri="classpath:authz-ext-base.xsd"/>
<system systemId="http://www.w3.org/2001/xml.xsd" uri="classpath:xml.xsd" />
<uri name="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" uri="classpath:xacml-core-v3-schema-wd-17.xsd" />
<uri name="http://thalesgroup.com/authz/model/ext/3.0" uri="classpath:authz-ext-base.xsd" />
</catalog>
\ No newline at end of file
......@@ -39,28 +39,28 @@ import com.sun.xacml.support.finder.StaticPolicyFinderModule;
public class SimplePolicyTest
{
public static void main(String[] args) throws JAXBException {
public static void main(String[] args) throws JAXBException
{
PolicyFinder policyFinder = new PolicyFinder();
List<String> policyLocations = new ArrayList<>();
String policyFileResourceName = "src/test/resources/policy.xml";
//URL policyFileURL = Thread.currentThread().getContextClassLoader().getResource(policyFileResourceName);
// Use getPath() to remove the file: prefix, because used later as input to FileInputStream(...) in FilePolicyModule
policyLocations.add(policyFileResourceName /*policyFileURL.getPath()*/);
StaticPolicyFinderModule testPolicyFinderModule = new StaticPolicyFinderModule(
policyLocations);
String policyFileResourceName = "src/test/resources/policy.xml";
// URL policyFileURL =
// Thread.currentThread().getContextClassLoader().getResource(policyFileResourceName);
// Use getPath() to remove the file: prefix, because used later as input to
// FileInputStream(...) in FilePolicyModule
String[] policyLocations = { policyFileResourceName /* policyFileURL.getPath() */};
StaticPolicyFinderModule testPolicyFinderModule = new StaticPolicyFinderModule(policyLocations);
List<PolicyFinderModule<?>> policyModules = new ArrayList<>();
policyModules.add(testPolicyFinderModule);
policyFinder.setModules(policyModules);
PDPConfig pdpConfig = new PDPConfig(null, policyFinder, null);
PDPConfig pdpConfig = new PDPConfig(null, policyFinder, null);
PDP pdp = new PDP(pdpConfig);
// request
JAXBContext ctx = JAXBContext.newInstance(PolicySet.class);
Unmarshaller unmarshaller = ctx.createUnmarshaller();
Request request = (Request) unmarshaller.unmarshal(new File("src/test/resources/request.xml"));
ResponseCtx resp = <