JBoss port of sunxacml 2.0.5

org.jboss.security.xacml.sunxacml.attr
Class AttributeSelector

java.lang.Object
  extended by org.jboss.security.xacml.sunxacml.attr.AttributeSelector
All Implemented Interfaces:
Evaluatable, Expression

public class AttributeSelector
extends Object
implements Evaluatable

Supports the standard selector functionality in XACML, which uses XPath expressions to resolve values from the Request or elsewhere. All selector queries are done by AttributeFinderModules so that it's easy to plugin different XPath implementations.

Since:
1.0
Author:
Seth Proctor

Constructor Summary
AttributeSelector(URI type, String contextPath, boolean mustBePresent, String xpathVersion)
          Creates a new AttributeSelector with no policy root.
AttributeSelector(URI type, String contextPath, Node policyRoot, boolean mustBePresent, String xpathVersion)
          Creates a new AttributeSelector.
 
Method Summary
 void encode(OutputStream output)
          Encodes this selector into its XML representation and writes this encoding to the given OutputStream with no indentation.
 void encode(OutputStream output, Indenter indenter)
          Encodes this selector into its XML representation and writes this encoding to the given OutputStream with indentation.
 EvaluationResult evaluate(EvaluationCtx context)
          Invokes the AttributeFinder used by the given EvaluationCtx to try to resolve an attribute value.
 boolean evaluatesToBag()
          Deprecated. As of 2.0, you should use the returnsBag method from the super-interface Expression.
 List getChildren()
          Always returns an empty list since selectors never have children.
 String getContextPath()
          Returns the XPath query used to resolve attribute values.
static AttributeSelector getInstance(Node root, PolicyMetaData metaData)
          Creates a new AttributeSelector based on the DOM root of the XML type.
static AttributeSelector getInstance(Node root, String xpathVersion)
          Deprecated. As of 2.0 you should avoid using this method and should instead use the version that takes a PolicyMetaData instance. This method will only work for XACML 1.x policies.
 URI getType()
          Returns the data type of the attribute values that this selector will resolve
 String getXPathVersion()
          Returns the XPath version this selector is supposed to use.
 boolean mustBePresent()
          Returns whether or not a value is required to be resolved by this selector.
 boolean returnsBag()
          Always returns true, since a selector always returns a bag of attribute values.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AttributeSelector

public AttributeSelector(URI type,
                         String contextPath,
                         boolean mustBePresent,
                         String xpathVersion)
Creates a new AttributeSelector with no policy root.

Parameters:
type - the data type of the attribute values this selector looks for
contextPath - the XPath to query
mustBePresent - must resolution find a match
xpathVersion - the XPath version to use, which must be a valid XPath version string (the identifier for XPath 1.0 is provided in PolicyMetaData)

AttributeSelector

public AttributeSelector(URI type,
                         String contextPath,
                         Node policyRoot,
                         boolean mustBePresent,
                         String xpathVersion)
Creates a new AttributeSelector.

Parameters:
type - the data type of the attribute values this selector looks for
contextPath - the XPath to query
policyRoot - the root DOM Element for the policy containing this selector, which defines namespace mappings
mustBePresent - must resolution find a match
xpathVersion - the XPath version to use, which must be a valid XPath version string (the identifier for XPath 1.0 is provided in PolicyMetaData)
Method Detail

getInstance

public static AttributeSelector getInstance(Node root,
                                            String xpathVersion)
                                     throws ParsingException
Deprecated. As of 2.0 you should avoid using this method and should instead use the version that takes a PolicyMetaData instance. This method will only work for XACML 1.x policies.

Creates a new AttributeSelector based on the DOM root of the XML type. Note that as of XACML 1.1 the XPathVersion element is required in any policy that uses a selector, so if the xpathVersion string is null, then this will throw an exception.

Parameters:
root - the root of the DOM tree for the XML AttributeSelectorType XML type
xpathVersion - the XPath version to use, or null if this is unspecified (ie, not supplied in the defaults section of the policy)
Returns:
an AttributeSelector
Throws:
ParsingException - if the AttributeSelectorType was invalid

getInstance

public static AttributeSelector getInstance(Node root,
                                            PolicyMetaData metaData)
                                     throws ParsingException
Creates a new AttributeSelector based on the DOM root of the XML type. Note that as of XACML 1.1 the XPathVersion element is required in any policy that uses a selector, so if the xpathVersion string is null, then this will throw an exception.

Parameters:
root - the root of the DOM tree for the XML AttributeSelectorType XML type
metaData - the meta-data associated with the containing policy
Returns:
an AttributeSelector
Throws:
ParsingException - if the AttributeSelectorType was invalid

getType

public URI getType()
Returns the data type of the attribute values that this selector will resolve

Specified by:
getType in interface Expression
Returns:
the data type of the values found by this selector

getContextPath

public String getContextPath()
Returns the XPath query used to resolve attribute values.

Returns:
the XPath query

mustBePresent

public boolean mustBePresent()
Returns whether or not a value is required to be resolved by this selector.

Returns:
true if a value is required, false otherwise

returnsBag

public boolean returnsBag()
Always returns true, since a selector always returns a bag of attribute values.

Specified by:
returnsBag in interface Expression
Returns:
true

evaluatesToBag

public boolean evaluatesToBag()
Deprecated. As of 2.0, you should use the returnsBag method from the super-interface Expression.

Always returns true, since a selector always returns a bag of attribute values.

Specified by:
evaluatesToBag in interface Evaluatable
Returns:
true

getChildren

public List getChildren()
Always returns an empty list since selectors never have children.

Specified by:
getChildren in interface Evaluatable
Returns:
an empty List

getXPathVersion

public String getXPathVersion()
Returns the XPath version this selector is supposed to use. This is typically provided by the defaults section of the policy containing this selector.

Returns:
the XPath version

evaluate

public EvaluationResult evaluate(EvaluationCtx context)
Invokes the AttributeFinder used by the given EvaluationCtx to try to resolve an attribute value. If the selector is defined with MustBePresent as true, then failure to find a matching value will result in Indeterminate, otherwise it will result in an empty bag. To support the basic selector functionality defined in the XACML specification, use a finder that has only the SelectorModule as a module that supports selector finding.

Specified by:
evaluate in interface Evaluatable
Parameters:
context - representation of the request to search
Returns:
a result containing a bag either empty because no values were found or containing at least one value, or status associated with an Indeterminate result

encode

public void encode(OutputStream output)
Encodes this selector into its XML representation and writes this encoding to the given OutputStream with no indentation.

Specified by:
encode in interface Expression
Parameters:
output - a stream into which the XML-encoded data is written

encode

public void encode(OutputStream output,
                   Indenter indenter)
Encodes this selector into its XML representation and writes this encoding to the given OutputStream with indentation.

Specified by:
encode in interface Expression
Parameters:
output - a stream into which the XML-encoded data is written
indenter - an object that creates indentation strings

JBoss port of sunxacml 2.0.5

Copyright © 2011 JBoss, a division of Red Hat, Inc.. All Rights Reserved.