Java > Open Source Codes > org > jboss > test > security > test > xacml > modules > JBossStaticPolicyFinderModule


1 /*
2   * JBoss, Home of Professional Open Source
3   * Copyright 2005, JBoss Inc., and individual contributors as indicated
4   * by the @authors tag. See the copyright.txt in the distribution for a
5   * full listing of individual contributors.
6   *
7   * This is free software; you can redistribute it and/or modify it
8   * under the terms of the GNU Lesser General Public License as
9   * published by the Free Software Foundation; either version 2.1 of
10   * the License, or (at your option) any later version.
11   *
12   * This software is distributed in the hope that it will be useful,
13   * but WITHOUT ANY WARRANTY; without even the implied warranty of
14   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15   * Lesser General Public License for more details.
16   *
17   * You should have received a copy of the GNU Lesser General Public
18   * License along with this software; if not, write to the Free
19   * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20   * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21   */
22 package org.jboss.test.security.test.xacml.modules;
23
24 import java.io.File ;
25 import java.net.MalformedURLException ;
26 import java.net.URI ;
27 import java.net.URISyntaxException ;
28 import java.net.URL ;
29 import java.util.ArrayList ;
30 import java.util.Iterator ;
31 import java.util.List ;
32
33 import org.jboss.logging.Logger;
34
35 import com.sun.xacml.AbstractPolicy;
36 import com.sun.xacml.EvaluationCtx;
37 import com.sun.xacml.ParsingException;
38 import com.sun.xacml.UnknownIdentifierException;
39 import com.sun.xacml.combine.CombiningAlgFactory;
40 import com.sun.xacml.combine.PolicyCombiningAlgorithm;
41 import com.sun.xacml.ctx.Status;
42 import com.sun.xacml.finder.PolicyFinder;
43 import com.sun.xacml.finder.PolicyFinderModule;
44 import com.sun.xacml.finder.PolicyFinderResult;
45 import com.sun.xacml.support.finder.PolicyCollection;
46 import com.sun.xacml.support.finder.PolicyReader;
47 import com.sun.xacml.support.finder.StaticPolicyFinderModule;
48 import com.sun.xacml.support.finder.TopLevelPolicyException;
49
50 //$Id: JBossStaticPolicyFinderModule.java 45389 2006-05-30 21:29:37Z asaldhana $
51
52 /**
53  * Policy Finder Module that is based on the StaticPolicyFinderModule
54  * but will always provide a status of syntax error if there has been
55  * a parsing exception in policy file(s)
56  * @author <a HREF="mailto:Anil.Saldhana@jboss.org">Anil Saldhana</a>
57  * @since May 30, 2006
58  * @version $Revision: 45389 $
59  */
60 public class JBossStaticPolicyFinderModule extends PolicyFinderModule
61 {
62    // the list of policy URLs passed to the constructor
63 private List policyList;
64
65    // the map of policies
66 private PolicyCollection policies;
67
68    // the optional schema file
69 private File schemaFile = null;
70
71    // the policy identifier for any policy sets we dynamically create
72 private static final String POLICY_ID =
73        "urn:com:sun:xacml:support:finder:dynamic-policy-set";
74    
75    private static URI policyId = null;
76
77    // the logger we'll use for all messages
78 private static final Logger log =
79        Logger.getLogger(StaticPolicyFinderModule.class.getName());
80    
81    //Was there an encounter of parse exception?
82 private boolean encounteredParsingException = false;
83
84    static
85    {
86        try
87        {
88            policyId = new URI (POLICY_ID);
89        } catch (Exception e)
90        {
91            log.error("couldn't assign default policy id:",e);
92        }
93    };
94
95    /**
96     * Creates a <code>StaticPolicyFinderModule</code> that provides
97     * access to the given collection of policies and returns an error when
98     * more than one policy matches a given context. Any policy that cannot
99     * be loaded will be noted in the log, but will not cause an error. The
100     * schema file used to validate policies is defined by the property
101     * <code>PolicyReader.POLICY_SCHEMA_PROPERTY</code>. If the retrieved
102     * property is null, then no schema validation will occur.
103     *
104     * @param policyList a <code>List</code> of <code>String</code>s that
105     * represent URLs or files pointing to XACML policies
106     */
107    public JBossStaticPolicyFinderModule(List policyList)
108    {
109        this.policyList = policyList;
110        this.policies = new PolicyCollection();
111
112        String schemaName =
113            System.getProperty(PolicyReader.POLICY_SCHEMA_PROPERTY);
114        if (schemaName != null)
115            schemaFile = new File (schemaName);
116    }
117
118    /**
119     * Creates a <code>StaticPolicyFinderModule</code> that provides
120     * access to the given collection of policies and returns an error when
121     * more than one policy matches a given context. Any policy that cannot
122     * be loaded will be noted in the log, but will not cause an error.
123     *
124     * @param policyList a <code>List</code> of <code>String</code>s that
125     * represent URLs or files pointing to XACML policies
126     * @param schemaFile the schema file to validate policies against,
127     * or null if schema validation is not desired
128     */
129    public JBossStaticPolicyFinderModule(List policyList, String schemaFile)
130    {
131        this.policyList = policyList;
132        this.policies = new PolicyCollection();
133
134        if (schemaFile != null)
135            this.schemaFile = new File (schemaFile);
136    }
137
138    /**
139     * Creates a <code>StaticPolicyFinderModule</code> that provides
140     * access to the given collection of policies. The given combining
141     * algorithm is used to create new PolicySets when more than one
142     * policy applies. Any policy that cannot be loaded will be noted in
143     * the log, but will not cause an error. The schema file used to
144     * validate policies is defined by the property
145     * <code>PolicyReader.POLICY_SCHEMA_PROPERTY</code>. If the retrieved
146     * property is null, then no schema validation will occur.
147     *
148     * @param combiningAlg the algorithm to use in a new PolicySet when more
149     * than one policy applies
150     * @param policyList a <code>List</code> of <code>String</code>s that
151     * represent URLs or files pointing to XACML policies
152     *
153     * @throws URISyntaxException if the combining algorithm is not a
154     * well-formed URI
155     * @throws UnknownIdentifierException if the combining algorithm identifier
156     * isn't known
157     */
158    public JBossStaticPolicyFinderModule(String combiningAlg, List policyList)
159        throws URISyntaxException , UnknownIdentifierException
160    {
161        PolicyCombiningAlgorithm alg = (PolicyCombiningAlgorithm)
162            (CombiningAlgFactory.getInstance().
163             createAlgorithm(new URI (combiningAlg)));
164
165        this.policyList = policyList;
166        this.policies = new PolicyCollection(alg, policyId);
167
168        String schemaName =
169            System.getProperty(PolicyReader.POLICY_SCHEMA_PROPERTY);
170        if (schemaName != null)
171            schemaFile = new File (schemaName);
172    }
173
174    /**
175     * Creates a <code>StaticPolicyFinderModule</code> that provides
176     * access to the given collection of policies. The given combining
177     * algorithm is used to create new PolicySets when more than one
178     * policy applies. Any policy that cannot be loaded will be noted in
179     * the log, but will not cause an error.
180     *
181     * @param combiningAlg the algorithm to use in a new PolicySet when more
182     * than one policy applies
183     * @param policyList a <code>List</code> of <code>String</code>s that
184     * represent URLs or files pointing to XACML policies
185     * @param schemaFile the schema file to validate policies against,
186     * or null if schema validation is not desired
187     *
188     * @throws URISyntaxException if the combining algorithm is not a
189     * well-formed URI
190     * @throws UnknownIdentifierException if the combining algorithm identifier
191     * isn't known
192     */
193    public JBossStaticPolicyFinderModule(String combiningAlg, List policyList,
194                                    String schemaFile)
195        throws URISyntaxException , UnknownIdentifierException
196    {
197        PolicyCombiningAlgorithm alg = (PolicyCombiningAlgorithm)
198            (CombiningAlgFactory.getInstance().
199             createAlgorithm(new URI (combiningAlg)));
200
201        this.policyList = policyList;
202        this.policies = new PolicyCollection(alg, policyId);
203        
204        if (schemaFile != null)
205            this.schemaFile = new File (schemaFile);
206    }
207
208    /**
209     * Always returns <code>true</code> since this module does support
210     * finding policies based on context.
211     *
212     * @return true
213     */
214    public boolean isRequestSupported()
215    {
216        return true;
217    }
218
219    /**
220     * Initialize this module. Typically this is called by
221     * <code>PolicyFinder</code> when a PDP is created. This method is
222     * where the policies are actually loaded.
223     *
224     * @param finder the <code>PolicyFinder</code> using this module
225     */
226    public void init(PolicyFinder finder)
227    {
228       String clazzName = JBossStaticPolicyFinderModule.class.getName();
229        // now that we have the PolicyFinder, we can load the policies
230 PolicyReader reader = new PolicyReader(finder,
231              java.util.logging.Logger.getLogger(clazzName), schemaFile);
232
233        Iterator it = policyList.iterator();
234        while (it.hasNext())
235        {
236            String str = (String )(it.next());
237            AbstractPolicy policy = null;
238            try
239            {
240               try
241               {
242                       // first try to load it as a URL
243 URL url = new URL (str);
244                       policy = reader.readPolicy(url);
245                }
246                catch (MalformedURLException murle)
247                {
248                       // assume that this is a filename, and try again
249 policy = reader.readPolicy(new File (str));
250                }
251            }
252            catch (ParsingException e)
253            {
254               this.encounteredParsingException = true;
255               log.error("Parsing Exception in policy:",e);
256               continue;
257            }
258            
259             // we loaded the policy, so try putting it in the collection
260 if (! policies.addPolicy(policy))
261                   log.warn("tried to load the same " +
262                                   "policy multiple times: " + str);
263        }
264    }
265
266    /**
267     * Finds a policy based on a request's context. If more than one policy
268     * matches, then this either returns an error or a new policy wrapping
269     * the multiple policies (depending on which constructor was used to
270     * construct this instance).
271     *
272     * @param context the representation of the request data
273     *
274     * @return the result of trying to find an applicable policy
275     */
276    public PolicyFinderResult findPolicy(EvaluationCtx context)
277    {
278       List aList = new ArrayList ();
279       aList.add(Status.STATUS_SYNTAX_ERROR);
280       
281        try
282        {
283           if(this.encounteredParsingException)
284              return new PolicyFinderResult(new Status(aList));
285            AbstractPolicy policy = policies.getPolicy(context);
286
287            if (policy == null)
288                return new PolicyFinderResult();
289            else
290                return new PolicyFinderResult(policy);
291        }
292        catch (TopLevelPolicyException tlpe)
293        {
294            return new PolicyFinderResult(tlpe.getStatus());
295        }
296    }
297 }
298

A to Z: JavaDoc & Examples

---

Daily Java News & Articles

---

Open Source Projects

---

Open Source Codes

---

Free Computer Books

---

Remove Frame

---

Popular Tags