Commit cb0700e8 authored by cdanger's avatar cdanger

- Removed AnyURIAttributeTest from MainTest since definition of anyURI

used for validating XACML anyURI AttributeValue is no longer XSD 1.0 but
1.1 where anyURI has same value space as string.
- Fix: possible memory leak (e.g. in Tomcat) by using SAXON anyURI
validator. More info:
<p>
 * Last but not least, we now refer to the definition of anyURI datatype
given in XSD 1.1, which has the same value space as the string datatype.
More info in the XSD 1.1 datatypes document and SAXON
 * documentation:
http://www.saxonica.com/html/documentation9.4/changes/intro93/xsd11-93.html.
Also confirmed on the mailing list:
 * https://sourceforge.net/p/saxon/mailman/saxon-help/thread/4F9E683E.8060001@saxonica.com/.
Although XACML 3.0 still refers to XSD 1.0 and its stricter definition
of anyURI, we prefer to anticipate
 * and use the definition from XSD 1.1 for XACML AttributeValues of
datatype anyURI. However, this does not affect XACML schema validation
of Policy/PolicySet/Request documents, where the XSD 1.0
 * definition of anyURI still applies.
 * </p>
 * <p>
 * With the new anyURI definition of XSD 1.1, we also avoid using {@link
StandardURIChecker} which maintains a thread-local cache of validated
URIs (cache size is 50 and eviction policy is LRU) that
 * may be spotted as a possible memory leak by servlet containers such
as Tomcat, as confirmed on the mailing list:
https://sourceforge.net/p/saxon/mailman/message/27043134/ ,
 * https://sourceforge.net/p/saxon/mailman/saxon-help/thread/4F9E683E.8060001@saxonica.com/
.
 * </p>
parent 6d5e40ca
......@@ -18,8 +18,7 @@ import net.sf.saxon.lib.StandardURIChecker;
/**
* Represent the URI value that this class represents
* <p>
* WARNING: java.net.URI cannot be used here for this XACML datatype, because not equivalent to XML schema anyURI type. Spaces are allowed in XSD anyURI [1],
* not in java.net.URI.
* WARNING: java.net.URI cannot be used here for this XACML datatype, because not equivalent to XML schema anyURI type. Spaces are allowed in XSD anyURI [1], not in java.net.URI.
* </p>
* <p>
* [1] http://www.w3.org/TR/xmlschema-2/#anyURI That's why we use String instead.
......@@ -31,8 +30,20 @@ import net.sf.saxon.lib.StandardURIChecker;
* https://java.net/projects/jaxb/lists/users/archive/2011-07/message/16
* </p>
* <p>
* From the JAXB spec: "xs:anyURI is not bound to java.net.URI by default since not all possible values of xs:anyURI can be passed to the java.net.URI
* constructor. Using a global JAXB customization described in Section 7.9".
* From the JAXB spec: "xs:anyURI is not bound to java.net.URI by default since not all possible values of xs:anyURI can be passed to the java.net.URI constructor. Using a global JAXB customization
* described in Section 7.9".
* </p>
* <p>
* Last but not least, we now refer to the definition of anyURI datatype given in XSD 1.1, which has the same value space as the string datatype. More info in the XSD 1.1 datatypes document and SAXON
* documentation: http://www.saxonica.com/html/documentation9.4/changes/intro93/xsd11-93.html. Also confirmed on the mailing list:
* https://sourceforge.net/p/saxon/mailman/saxon-help/thread/4F9E683E.8060001@saxonica.com/. Although XACML 3.0 still refers to XSD 1.0 and its stricter definition of anyURI, we prefer to anticipate
* and use the definition from XSD 1.1 for XACML AttributeValues of datatype anyURI. However, this does not affect XACML schema validation of Policy/PolicySet/Request documents, where the XSD 1.0
* definition of anyURI still applies.
* </p>
* <p>
* With the new anyURI definition of XSD 1.1, we also avoid using {@link StandardURIChecker} which maintains a thread-local cache of validated URIs (cache size is 50 and eviction policy is LRU) that
* may be spotted as a possible memory leak by servlet containers such as Tomcat, as confirmed on the mailing list: https://sourceforge.net/p/saxon/mailman/message/27043134/ ,
* https://sourceforge.net/p/saxon/mailman/saxon-help/thread/4F9E683E.8060001@saxonica.com/ .
* </p>
*/
public final class AnyURIValue extends SimpleValue<String>
......@@ -49,28 +60,15 @@ public final class AnyURIValue extends SimpleValue<String>
* @param value
* the URI to be represented
* <p>
* WARNING: java.net.URI cannot be used here for XACML datatype, because not equivalent to XML schema anyURI type. Spaces are allowed in XSD
* anyURI [1], not in java.net.URI. [1] http://www.w3.org/TR/xmlschema-2/#anyURI So we use String instead.
* WARNING: java.net.URI cannot be used here for XACML datatype, because not equivalent to XML schema anyURI type. Spaces are allowed in XSD anyURI [1], not in java.net.URI. [1]
* http://www.w3.org/TR/xmlschema-2/#anyURI So we use String instead.
* </p>
* @throws IllegalArgumentException
* if {@code value} is not a valid string representation for xs:anyURI
*/
public AnyURIValue(String value) throws IllegalArgumentException
{
super(TYPE_URI, validate(value));
}
private static String validate(String anyURI) throws IllegalArgumentException
{
/*
* Please note that StandardURIChecker maintains a thread-local cache of validated URIs (cache size is 50 and eviction policy is LRU)
*/
if (!StandardURIChecker.getInstance().isValidURI(anyURI))
{
throw new IllegalArgumentException("Invalid value for xs:anyURI: " + anyURI);
}
return anyURI;
super(TYPE_URI, value);
}
@Override
......
......@@ -44,18 +44,18 @@ import org.slf4j.LoggerFactory;
/**
*
* class to use for the testSuite MatchTest.class, ConformanceV3FromV2.class, BasicV3_1.class, BasicV3_2.class,
* BasicV3_3.class, BasicV3_4.class, BasicV3_5.class, BasicFunctionV3.class
* Main PDP core implementation test suite.
*
* NB: {@link AnyURIAttributeTest} no longer useful and removed because we now refer to the definition of anyURI datatype given in XSD 1.1, which has the same value space as the string datatype. More
* info in the XSD 1.1 datatypes document and SAXON documentation: http://www.saxonica.com/html/documentation9.4/changes/intro93/xsd11-93.html. Although XACML 3.0 still refers to XSD 1.0 and its
* stricter definition of anyURI, we prefer to anticipate and use the definition from XSD 1.1 for XACML AttributeValues of datatype anyURI. However, this does not affect XACML schema validation of
* Policy/PolicySet/Request documents, where the XSD 1.0 definition of anyURI still applies.
*/
@RunWith(Suite.class)
@SuiteClasses(value = { AnyURIAttributeTest.class, EqualityFunctionsTest.class, NumericArithmeticFunctionsTest.class,
StringConversionFunctionsTest.class, NumericConversionFunctionsTest.class, LogicalFunctionsTest.class,
NumericComparisonFunctionsTest.class, DateTimeArithmeticFunctionsTest.class,
NonNumericComparisonFunctionsTest.class, StringFunctionsTest.class, BagFunctionsTest.class,
SetFunctionsTest.class, HigherOrderFunctionsTest.class, RegExpBasedFunctionsTest.class,
SpecialMatchFunctionsTest.class, ConformanceV3FromV2Mandatory.class, ConformanceV3FromV2Optional.class,
ConformanceV3Others.class, CustomPdpTest.class, TestApplyMarshalling.class,
TestPdpGetStaticApplicablePolicies.class, NonRegression.class })
@SuiteClasses(value = { EqualityFunctionsTest.class, NumericArithmeticFunctionsTest.class, StringConversionFunctionsTest.class, NumericConversionFunctionsTest.class, LogicalFunctionsTest.class,
NumericComparisonFunctionsTest.class, DateTimeArithmeticFunctionsTest.class, NonNumericComparisonFunctionsTest.class, StringFunctionsTest.class, BagFunctionsTest.class,
SetFunctionsTest.class, HigherOrderFunctionsTest.class, RegExpBasedFunctionsTest.class, SpecialMatchFunctionsTest.class, ConformanceV3FromV2Mandatory.class, ConformanceV3FromV2Optional.class,
ConformanceV3Others.class, CustomPdpTest.class, TestApplyMarshalling.class, TestPdpGetStaticApplicablePolicies.class, NonRegression.class })
public class MainTest
{
/**
......
......@@ -29,15 +29,27 @@ import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;
import org.junit.runners.Parameterized.Parameters;
/**
*
* XACML anyURI validation test. This test is no longer used since we refer to the definition of anyURI datatype given in XSD 1.1, which has the same value space as the string datatype. This is
* confirmed by SAXON documentation: http://www.saxonica.com/html/documentation9.4/changes/intro93/xsd11-93.html
*
* Although XACML 3.0 still refers to XSD 1.0 and its stricter definition of anyURI, we prefer to anticipate and use the definition from XSD 1.1 for XACML AttributeValues of datatype anyURI. However,
* this does not affect XACML schema validation of Policy/PolicySet/Request documents, where the XSD 1.0 definition of anyURI still applies.
*
* This class is kept for the record only.
*/
@RunWith(value = Parameterized.class)
public class AnyURIAttributeTest
{
@Parameters
public static Collection<Object[]> data()
{
Object[][] data = new Object[][] { { "http://datypic.com", "absolute URI (also a URL)", true }, { "mailto:info@datypic.com", "absolute URI", true }, { "../%C3%A9dition.html", "relative URI containing escaped non-ASCII character", true },
{ "../édition.html", "relative URI containing escaped non-ASCII character", true }, { "http://datypic.com/prod.html#shirt", "URI with fragment identifier", true }, { "../prod.html#shirt", "relative URI with fragment identifier", true }, { "", "an empty value is allowed", true },
{ "http://datypic.com#frag1#frag2", "too many # characters", false }, { "http://datypic.com#f% rag", "% character followed by something other than two hexadecimal digits", false } };
Object[][] data = new Object[][] { { "http://datypic.com", "absolute URI (also a URL)", true }, { "mailto:info@datypic.com", "absolute URI", true },
{ "../%C3%A9dition.html", "relative URI containing escaped non-ASCII character", true }, { "../édition.html", "relative URI containing escaped non-ASCII character", true },
{ "http://datypic.com/prod.html#shirt", "URI with fragment identifier", true }, { "../prod.html#shirt", "relative URI with fragment identifier", true },
{ "", "an empty value is allowed", true }, { "http://datypic.com#frag1#frag2", "too many # characters", false },
{ "http://datypic.com#f% rag", "% character followed by something other than two hexadecimal digits", false } };
return Arrays.asList(data);
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment