Package org.jboss.security.xacml.sunxacml.ctx

Examples of org.jboss.security.xacml.sunxacml.ctx.Result

91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
                          List ruleElements) {
        Iterator it = ruleElements.iterator();
       
        while (it.hasNext()) {
            Rule rule = ((RuleCombinerElement)(it.next())).getRule();
            Result result = rule.evaluate(context);
            int value = result.getDecision();
           
            // in the case of PERMIT, DENY, or INDETERMINATE, we always
            // just return that result, so only on a rule that doesn't
            // apply do we keep going...
            if (value != Result.DECISION_NOT_APPLICABLE)
                return result;
        }

        // if we got here, then none of the rules applied
        return new Result(Result.DECISION_NOT_APPLICABLE,
                          context.getResourceId().encode());
    }
View Full Code Here
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
            // make sure that the policy matches the context
            MatchResult match = policy.match(context);

            if (match.getResult() == MatchResult.INDETERMINATE)
                return new Result(Result.DECISION_DENY,
                                  context.getResourceId().encode());

            if (match.getResult() == MatchResult.MATCH) {
                // evaluate the policy
                Result result = policy.evaluate(context);
                int effect = result.getDecision();
               
                // unlike in the RuleCombining version of this alg, we always
                // return DENY if any Policy returns DENY or INDETERMINATE
                if ((effect == Result.DECISION_DENY) ||
                    (effect == Result.DECISION_INDETERMINATE))
                    return new Result(Result.DECISION_DENY,
                                      context.getResourceId().encode(),
                                      result.getObligations());
               
                // remember if at least one Policy said PERMIT
                if (effect == Result.DECISION_PERMIT) {
                    atLeastOnePermit = true;
                    permitObligations.addAll(result.getObligations());
                }
            }
        }
       
        // if we got a PERMIT, return it, otherwise it's NOT_APPLICABLE
        if (atLeastOnePermit)
            return new Result(Result.DECISION_PERMIT,
                              context.getResourceId().encode(),
                              permitObligations);
        else
            return new Result(Result.DECISION_NOT_APPLICABLE,
                              context.getResourceId().encode());
    }
View Full Code Here
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
    public Result combine(EvaluationCtx context, List parameters,
                          List ruleElements) {
        boolean atLeastOneError = false;
        boolean potentialPermit = false;
        boolean atLeastOneDeny = false;
        Result firstIndeterminateResult = null;
        Iterator it = ruleElements.iterator();

        while (it.hasNext()) {
            Rule rule = ((RuleCombinerElement)(it.next())).getRule();
            Result result = rule.evaluate(context);
            int value = result.getDecision();
           
            // if there was a value of PERMIT, then regardless of what
            // else we've seen, we always return PERMIT
            if (value == Result.DECISION_PERMIT)
                return result;
           
            // if it was INDETERMINATE, then we couldn't figure something
            // out, so we keep track of these cases...
            if (value == Result.DECISION_INDETERMINATE) {
                atLeastOneError = true;

                // there are no rules about what to do if multiple cases
                // cause errors, so we'll just return the first one
                if (firstIndeterminateResult == null)
                    firstIndeterminateResult = result;
               
                // if the Rule's effect is PERMIT, then we can't let this
                // alg return DENY, since this Rule might have permitted
                // if it could do its stuff
                if (rule.getEffect() == Result.DECISION_PERMIT)
                    potentialPermit = true;
            } else {
                // keep track of whether we had at least one rule that
                // actually pertained to the request
                if (value == Result.DECISION_DENY)
                    atLeastOneDeny = true;
            }
        }
       
        // we didn't explicitly PERMIT, but we might have had some Rule
        // been evaluated, so we have to return INDETERMINATE
        if (potentialPermit)
            return firstIndeterminateResult;
       
        // some Rule said DENY, so since nothing could have permitted,
        // we return DENY
        if (atLeastOneDeny)
            return new Result(Result.DECISION_DENY,
                              context.getResourceId().encode());
       
        // we didn't find anything that said DENY, but if we had a
        // problem with one of the Rules, then we're INDETERMINATE
        if (atLeastOneError)
            return firstIndeterminateResult;
       
        // if we hit this point, then none of the rules actually applied
        // to us, so we return NOT_APPLICABLE
        return new Result(Result.DECISION_NOT_APPLICABLE,
                          context.getResourceId().encode());
    }
View Full Code Here
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
     * @return the result of evaluation
     */
    public Result evaluate(EvaluationCtx context) {
        // if there is no finder, then we return NotApplicable
        if (finder == null)
            return new Result(Result.DECISION_NOT_APPLICABLE,
                              context.getResourceId().encode());

        PolicyFinderResult pfr = finder.findPolicy(reference, policyType,
                                                   constraints,
                                                   parentMetaData);

        // if we found nothing, then we return NotApplicable
        if (pfr.notApplicable())
            return new Result(Result.DECISION_NOT_APPLICABLE,
                              context.getResourceId().encode());

        // if there was an error, we return that status data
        if (pfr.indeterminate())
            return new Result(Result.DECISION_INDETERMINATE, pfr.getStatus(),
                              context.getResourceId().encode());

        // we must have found a policy
        return pfr.getPolicy().evaluate(context);
    }
View Full Code Here
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
     
      // consider each Result in the first Response, and try to find an
      // equivalent one in the second Response
      while (iter.hasNext())
      {
         Result result1 = (Result)(iter.next());
         Iterator it2 = set2.iterator();
         boolean matched = false;
        
         // go through the second list, and see if there's a matching Result
         while (it2.hasNext() && (! matched))
         {
            Result result2 = (Result)(it2.next());
            if (result1.getDecision() != result2.getDecision())
               throw new Exception("decision in the result do not match");
            assertStringMatch(result1.getResource(), result2.getResource());
            assertStatus(result1.getStatus(), result2.getStatus());
            assertObligations(result1.getObligations(),
                  result2.getObligations());
            matched = true;
         }
        
         // When matched, remove the result from the second set
         if (matched)
View Full Code Here
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
     *
     * @return the result of evaluation
     */
    public Result evaluate(EvaluationCtx context) {
        // evaluate
        Result result = combiningAlg.combine(context, parameters,
                                             childElements);

        // if we have no obligations, we're done
        if (obligations.size() == 0)
            return result;

        // now, see if we should add any obligations to the set
        int effect = result.getDecision();

        if ((effect == Result.DECISION_INDETERMINATE) ||
            (effect == Result.DECISION_NOT_APPLICABLE)) {
            // we didn't permit/deny, so we never return obligations
            return result;
        }

        Iterator it = obligations.iterator();
        while (it.hasNext()) {
            Obligation obligation = (Obligation)(it.next());
            if (obligation.getFulfillOn() == effect)
                result.addObligation(obligation);
        }

        // finally, return the result
        return result;
    }
View Full Code Here
188
189
190
191
192
193
194
   {
      ArrayList code = new ArrayList();
      code.add(Status.STATUS_SYNTAX_ERROR);
      Status status = new Status(code);

      return new ResponseCtx(new Result(Result.DECISION_INDETERMINATE, status));
   }
View Full Code Here
93
94
95
96
97
98
99
100
101
102
         InputStream responseStream = new FileInputStream(responseFile);
         if(responseStream  == null)
            throw new IllegalStateException("responseStream for IIA00"+ i + " is null");
         ResponseCtx expectedResponse = ResponseCtx.getInstance(responseStream);
         
         Result actualResult = (Result) actualResponse.getResults().iterator().next();
         Result expectedResult = (Result) expectedResponse.getResults().iterator().next();
         assertEquals("IIA00"+i, expectedResult.getDecision(),actualResult.getDecision())
      }
   }
View Full Code Here
134
135
136
137
138
139
140
141
142
143
         InputStream responseStream = new FileInputStream(responseFile);
         if(responseStream  == null)
            throw new IllegalStateException("responseStream for IIB0"+ i + " is null");
         ResponseCtx expectedResponse = ResponseCtx.getInstance(responseStream);

         Result actualResult = (Result) actualResponse.getResults().iterator().next();
         Result expectedResult = (Result) expectedResponse.getResults().iterator().next();
         assertEquals("IIB0"+i, expectedResult.getDecision(),actualResult.getDecision());
      }
   }
View Full Code Here
194
195
196
197
198
199
200
201
202
203
         InputStream responseStream = new FileInputStream(responseFile);
         if(responseStream  == null)
            throw new IllegalStateException("responseStream for IIC0"+ i + " is null");
         ResponseCtx expectedResponse = ResponseCtx.getInstance(responseStream);

         Result actualResult = (Result) actualResponse.getResults().iterator().next();
         Result expectedResult = (Result) expectedResponse.getResults().iterator().next();
         assertEquals("IIC0"+i, expectedResult.getDecision(),actualResult.getDecision());
      }
   }
View Full Code Here
TOP

Related Classes of org.jboss.security.xacml.sunxacml.ctx.Result

  • org.jboss.security.xacml.core.JBossResponseContext
  • org.jboss.security.xacml.sunxacml.AbstractPolicy
  • org.jboss.security.xacml.sunxacml.combine.DenyOverridesPolicyAlg
  • org.jboss.security.xacml.sunxacml.combine.DenyOverridesRuleAlg
  • org.jboss.security.xacml.sunxacml.combine.FirstApplicablePolicyAlg
  • org.jboss.security.xacml.sunxacml.combine.FirstApplicableRuleAlg
  • org.jboss.security.xacml.sunxacml.combine.OnlyOneApplicablePolicyAlg
  • org.jboss.security.xacml.sunxacml.combine.PermitOverridesPolicyAlg
  • org.jboss.security.xacml.sunxacml.combine.PermitOverridesRuleAlg
  • org.jboss.security.xacml.sunxacml.Indenter
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.