JBoss port of sunxacml 2.0.5-redhat-1

org.jboss.security.xacml.sunxacml.support.finder
Class BasicPolicyFinderModule

java.lang.Object
  extended by org.jboss.security.xacml.sunxacml.finder.PolicyFinderModule
      extended by org.jboss.security.xacml.sunxacml.support.finder.BasicPolicyFinderModule

public class BasicPolicyFinderModule
extends PolicyFinderModule

This is a basic implementation of PolicyFinderModule that accepts already created AbstractPolicys and supports finding by context and reference. All policies are held forever once added to this module, and cannot be refreshed or removed. New policies may be added at any point. You may optionally specify a combining algorithm to use when more than one applicable policy is found, and then a new PolicySet is wrapped around the policies using this algorithm. If no combining algorithm is provided, then an error is returned if more than one policy matches.

This module is provided as an example, but is still fully functional, and should be useful for many simple applications. This is provided in the support package rather than the core codebase because it implements non-standard behavior.

Since:
2.0
Author:
Seth Proctor

Constructor Summary
BasicPolicyFinderModule()
          Creates a BasicPolicyFinderModule.
BasicPolicyFinderModule(PolicyCombiningAlgorithm combiningAlg)
          Creates a BasicPolicyFinderModule that can combine multiple applicable policies under a single, dynamic PolicySet.
 
Method Summary
 boolean addPolicy(AbstractPolicy policy)
          Adds a policy that will be available both by reference and by matching to a context.
 boolean addPolicyNoRef(AbstractPolicy policy)
          Adds a policy that will be available only by matching to a context.
 boolean addPolicyOnlyRef(AbstractPolicy policy)
          Adds a policy that will be available only by reference.
 PolicyFinderResult findPolicy(EvaluationCtx context)
          Finds a policy based on a request's context.
 PolicyFinderResult findPolicy(URI idReference, int type, VersionConstraints constraints, PolicyMetaData parentMetaData)
          Attempts to find a policy by reference, based on the provided parameters.
 void init(PolicyFinder finder)
          Initialize this module.
 boolean isIdReferenceSupported()
          Always returns true since this module does support finding policies based on reference.
 boolean isRequestSupported()
          Always returns true since this module does support finding policies based on context matching.
 
Methods inherited from class org.jboss.security.xacml.sunxacml.finder.PolicyFinderModule
getIdentifier, invalidateCache
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

BasicPolicyFinderModule

public BasicPolicyFinderModule()
Creates a BasicPolicyFinderModule.


BasicPolicyFinderModule

public BasicPolicyFinderModule(PolicyCombiningAlgorithm combiningAlg)
Creates a BasicPolicyFinderModule that can combine multiple applicable policies under a single, dynamic PolicySet.

Parameters:
combiningAlg - the algorithm to use in a new PolicySet when more than one policy applies
Method Detail

addPolicy

public boolean addPolicy(AbstractPolicy policy)
Adds a policy that will be available both by reference and by matching to a context. The policy's identifier is used for finding by reference. If a policy with the same identifier and version is already handled by this module, then the policy is not added.

Parameters:
policy - the policy to add
Returns:
true if the policy was added, false otherwise

addPolicyNoRef

public boolean addPolicyNoRef(AbstractPolicy policy)
Adds a policy that will be available only by matching to a context. If a policy with the same identifier and version is already handled by this module, then the policy is not added.

Parameters:
policy - the policy to add
Returns:
true if the policy was added, false otherwise

addPolicyOnlyRef

public boolean addPolicyOnlyRef(AbstractPolicy policy)
Adds a policy that will be available only by reference. The policy's identifier is used for finding by reference. If a policy with the same identifier and version is already handled by this module, then the policy is not added.

Parameters:
policy - the policy to add
Returns:
true if the policy was added, false otherwise

isRequestSupported

public boolean isRequestSupported()
Always returns true since this module does support finding policies based on context matching.

Overrides:
isRequestSupported in class PolicyFinderModule
Returns:
true

isIdReferenceSupported

public boolean isIdReferenceSupported()
Always returns true since this module does support finding policies based on reference.

Overrides:
isIdReferenceSupported in class PolicyFinderModule
Returns:
true

init

public void init(PolicyFinder finder)
Initialize this module. Typically this is called by PolicyFinder when a PDP is created.

Specified by:
init in class PolicyFinderModule
Parameters:
finder - the PolicyFinder using this module

findPolicy

public PolicyFinderResult findPolicy(EvaluationCtx context)
Finds a policy based on a request's context. If more than one policy matches, then this either returns an error or a new policy wrapping the multiple policies (depending on which constructor was used to construct this instance).

Overrides:
findPolicy in class PolicyFinderModule
Parameters:
context - the representation of the request data
Returns:
the result of trying to find an applicable policy

findPolicy

public PolicyFinderResult findPolicy(URI idReference,
                                     int type,
                                     VersionConstraints constraints,
                                     PolicyMetaData parentMetaData)
Attempts to find a policy by reference, based on the provided parameters.

Overrides:
findPolicy in class PolicyFinderModule
Parameters:
idReference - an identifier specifying some policy
type - type of reference (policy or policySet) as identified by the fields in PolicyReference
constraints - any optional constraints on the version of the referenced policy (this will never be null, but it may impose no constraints, and in fact will never impose constraints when used from a pre-2.0 XACML policy)
parentMetaData - the meta-data from the parent policy, which provides XACML version, factories, etc.
Returns:
the result of looking for a matching policy

JBoss port of sunxacml 2.0.5-redhat-1

Copyright © 2011 JBoss, a division of Red Hat, Inc.. All Rights Reserved.