java.lang.Object nbi.xmlsec.xacml.profile.rbac.RBACPDP
This class implements a PDP acting on XACML policies defined according to
the RBAC XACML Profile v.2.0. All needed parameters are read from the
configuration. The configuration is done within the XML tag PDP. It mainly
consists of configuring the underlying PolicyManager. The evaluation is
realised using the method evaluate(Set,String,String).
Field Summary | |
(package private) Configuration | config | Configuration of this class |
(package private) static Logger | logger | |
(package private) PDP | pdp | The PDP instance. |
(package private) PolicyManager | polMgr | PolicyManager of this RBACPDP |
(package private) HashMap | results | A HashMap to store results and speed up the evaluation process when requests are equal. |
Constructor Summary | |
RBACPDP() | Default constructor. |
RBACPDP(Configuration config) | This creates an instance based on the given configuration |
Method Summary | |
Set | createAction(String action) | Creates the action part of a request context on a given resource String. |
RequestCtx | createRequest(RoleAssignmentPolicyIdentifier roleId, String resource, String action) | Create a request from a RoleAssignmentPolicyIdentifier, a resource string and an action string. |
Set | createResource(String resource) | Creates the resource part of a request context on a given resource String. |
Set | createSubject(RoleAssignmentPolicyIdentifier roleId) | Creates the subject part of a request context on a given RoleAssignmentPolicyIdentifier. |
Result | evaluate(RequestCtx request) | Evaluates a request |
boolean | evaluate(Set roleIds, String resource, String action) | Evaluates the request based on a set of roles, a resource and an action defined according to the XACML RBAC profile v2.0. |
RequestCtx | modifyRequest(RequestCtx request, RoleAssignmentPolicyIdentifier roleId, String resource, String action) | Modifies a given request context based on the given parameters. |
protected void | reset() | Resets the RBACPDP, reinitialising the PolicyManager instance and reloading the assigned policies needed to create a new PDP instance. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
static Logger logger
Configuration config
PolicyManager polMgr
PDP pdp
HashMap results
Constructor Detail |
public RBACPDP() throws Exception
RBACPDP with a PDP based on the configuration defined by the runtime property com.sun.xcaml.PDPConfigFile.

public RBACPDP(Configuration config) throws ClassNotFoundException, NoSuchMethodException, InvocationTargetException, InstantiationException, IllegalAccessException
Throws:
IllegalAccessException
InstantiationException
InvocationTargetException
NoSuchMethodException
ClassNotFoundException
Method Detail |
protected void reset() throws IllegalArgumentException, SecurityException, ClassNotFoundException, InstantiationException, IllegalAccessException, InvocationTargetException, NoSuchMethodException
Throws:
IllegalArgumentException
SecurityException
ClassNotFoundException
InstantiationException
IllegalAccessException
InvocationTargetException
NoSuchMethodException

public Result evaluate(RequestCtx request)
Parameters:
request - The request context to be evaluated

public boolean evaluate(Set roleIds, String resource, String action)
true if any of the evaluation results equals permit.
Parameters:
roleIds - Set of RoleAssignmentPolicyIdentifiers.
resource - The resource as String.
action - The action as String.
Returns:
true, if at least one of the evaluation results equals permit, false otherwise.

public RequestCtx modifyRequest(RequestCtx request, RoleAssignmentPolicyIdentifier roleId, String resource, String action) throws URISyntaxException
Parameters:
request - The request to modify
roleId - if not null, then the subject changes to the new roleId.
resource - if not null, then the resource changes to the new resource.
action - if not null, then the action changes to the new action.
Throws:
URISyntaxException

public Set createSubject(RoleAssignmentPolicyIdentifier roleId) throws URISyntaxException
Parameters:
roleId - The RoleAssignmentPolicyIdentifier
Throws:
URISyntaxException

public Set createResource(String resource) throws URISyntaxException
Parameters:
resource - The resource string.
Throws:
URISyntaxException

public Set createAction(String action) throws URISyntaxException
Parameters:
action - The action string.
Throws:
URISyntaxException

public RequestCtx createRequest(RoleAssignmentPolicyIdentifier roleId, String resource, String action) throws URISyntaxException
Parameters:
roleId - RoleAssignmentPolicyIdentifier.
resource - resource string.
action - action string.
Throws:
URISyntaxException
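
The following added Java sketch models the rule documented for evaluate(Set,String,String) (true if any role yields permit) combined with a decision cache like the results field. It is not code from nbi.xmlsec: the class AnyPermitModel, the Decision enum, the SingleRoleEvaluator interface and the cache-clearing reset() are assumptions made for illustration.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.Set;

// Added model, not nbi.xmlsec code: every name in this file is hypothetical.
public class AnyPermitModel {
    enum Decision { PERMIT, DENY, INDETERMINATE, NOT_APPLICABLE }

    // Stand-in for one per-role XACML evaluation (assumption).
    interface SingleRoleEvaluator {
        Decision decide(String role, String resource, String action);
    }

    private final SingleRoleEvaluator evaluator;
    // Cache keyed on the full (role, resource, action) triple.
    private final Map<String, Decision> results = new HashMap<>();

    AnyPermitModel(SingleRoleEvaluator evaluator) { this.evaluator = evaluator; }

    // true only if at least one role yields PERMIT; DENY, INDETERMINATE and
    // NOT_APPLICABLE all count as a refusal (fail closed).
    boolean evaluate(Set<String> roleIds, String resource, String action) {
        for (String role : roleIds) {
            // Length-prefix the fields so "a"+"bc" and "ab"+"c" cannot share a key.
            String key = role.length() + ":" + role
                       + resource.length() + ":" + resource + action;
            Decision d = results.get(key);
            if (d == null) {
                d = evaluator.decide(role, resource, action);
                results.put(key, d);
            }
            if (d == Decision.PERMIT) return true;
        }
        return false;
    }

    // Assumption: a policy reload must also drop cached decisions.
    void reset() { results.clear(); }

    public static void main(String[] args) {
        boolean[] managerMayApprove = { true }; // constructed, mutable sample policy
        AnyPermitModel pdp = new AnyPermitModel((role, res, act) ->
            role.equals("manager") && act.equals("approve")
                ? (managerMayApprove[0] ? Decision.PERMIT : Decision.DENY)
                : Decision.NOT_APPLICABLE);
        Set<String> roles = Set.of("employee", "manager"); // constructed sample roles
        System.out.println(pdp.evaluate(roles, "purchase-order", "approve")); // one role permits
        managerMayApprove[0] = false; // policy changes underneath the cache
        System.out.println(pdp.evaluate(roles, "purchase-order", "approve")); // served from cache
        pdp.reset();
        System.out.println(pdp.evaluate(roles, "purchase-order", "approve")); // re-evaluated
    }
}
```

Whether the real RBACPDP.reset() clears the results map is not stated on this page, so verify it before relying on a policy reload to withdraw a previously cached permit.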