예제 #1
  /**
   * Reads a configuration file and configures this instance of the ContextHandler. It can
   * instantiate a client (that communicates with the PEP), a relationship resolver (that
   * communicates with the risearch REST service to determine parental relationships) and a response
   * cache (that caches requests/responses for quicker evaluations).
   *
   * @throws PEPException
   */
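  private void init() throws PEPException {
    // Loads config-melcoe-pep.xml from FEDORA_HOME and builds, in this order, the PDP client,
    // the response cache (only when marked active), the evaluation engine and a ContextUtil.
    // No relationship resolver is created in this method. Every failure is logged and rethrown
    // as a PEPException by the catch block at the end.
    //
    // Security note: the class names in this file are loaded and instantiated reflectively, so
    // whoever can write the file decides which code runs inside this process and which
    // component produces access decisions. The file should be writable only by the account
    // that administers the server.
    InputStream is = null;
    try {
      // get the PEP configuration
      File configPEPFile = new File(Constants.FEDORA_HOME, "server/config/config-melcoe-pep.xml");
      // FileInputStream never returns null (it throws for a missing file), so the existence
      // check has to happen on the File for the intended message to be reachable.
      if (!configPEPFile.isFile()) {
        throw new PEPException("Could not locate config file: config-melcoe-pep.xml");
      }
      is = new FileInputStream(configPEPFile);

      // NOTE(review): the factory is used with its default settings, which on common JAXP
      // implementations means a DOCTYPE and external entities in the file are processed.
      // If deployed configs never carry a DOCTYPE, disabling DTD processing on the factory
      // is a cheap hardening step - confirm against real config files before enabling it.
      DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
      DocumentBuilder docBuilder = factory.newDocumentBuilder();
      Document doc = docBuilder.parse(is);

      if (logger.isDebugEnabled()) {
        logger.debug("Obtained the config file: config-melcoe-pep.xml");
      }

      Map<String, String> options = new HashMap<String, String>();

      // get the PDP Client
      NodeList nodes = doc.getElementsByTagName("pdp-client");
      if (nodes.getLength() != 1) {
        throw new PEPException("Config file needs to contain exactly 1 'pdp-client' section.");
      }

      Node clientNode = nodes.item(0);
      String className = requiredAttribute(clientNode, "class");
      NodeList optionNodes = clientNode.getChildNodes();
      for (int x = 0; x < optionNodes.getLength(); x++) {
        Node n = optionNodes.item(x);
        if (n.getNodeType() == Node.ELEMENT_NODE) {
          String key = requiredAttribute(n, "name");
          // Only the option name is logged; option values may hold connection details.
          if (logger.isDebugEnabled()) {
            logger.debug("Node [name]: " + key);
          }
          options.put(key, requiredText(n));
        }
      }

      // asSubclass rejects a class of the wrong type before its constructor is invoked; the
      // original cast only failed after the foreign object had already been constructed.
      Constructor<? extends PDPClient> clientCtor =
          Class.forName(className).asSubclass(PDPClient.class).getConstructor(Map.class);
      client = clientCtor.newInstance(options);

      if (logger.isDebugEnabled()) {
        logger.debug("Instantiated PDPClient: " + className);
      }

      // get the Response Cache
      nodes = doc.getElementsByTagName("response-cache");
      if (nodes.getLength() != 1) {
        throw new PEPException("Config file needs to contain exactly 1 'response-cache' section.");
      }

      Node cacheNode = nodes.item(0);
      // The class attribute is required even when the cache is inactive, as before.
      className = requiredAttribute(cacheNode, "class");
      if ("true".equals(requiredAttribute(cacheNode, "active"))) {
        int cacheSize = 1000; // default
        long cacheTTL = 10000; // default
        NodeList children = cacheNode.getChildNodes();
        for (int x = 0; x < children.getLength(); x++) {
          Node child = children.item(x);
          if (child.getNodeType() == Node.ELEMENT_NODE) {
            if ("cache-size".equals(child.getNodeName())) {
              cacheSize = Integer.parseInt(requiredText(child));
            }

            if ("cache-item-ttl".equals(child.getNodeName())) {
              cacheTTL = Long.parseLong(requiredText(child));
            }
          }
        }

        Constructor<? extends ResponseCache> cacheCtor =
            Class.forName(className)
                .asSubclass(ResponseCache.class)
                .getConstructor(Integer.class, Long.class);
        responseCache = cacheCtor.newInstance(Integer.valueOf(cacheSize), Long.valueOf(cacheTTL));

        if (logger.isDebugEnabled()) {
          logger.debug("Instantiated ResponseCache: " + className);
        }
      }

      // Get the evaluation engine
      nodes = doc.getElementsByTagName("evaluation-engine");
      if (nodes.getLength() != 1) {
        throw new PEPException(
            "Config file needs to contain exactly 1 'evaluation-engine' section.");
      }

      className = requiredAttribute(nodes.item(0), "class");
      evaluationEngine =
          Class.forName(className).asSubclass(EvaluationEngine.class).newInstance();
      evaluationEngine.setClient(client);
      // responseCache keeps whatever value it had before init() when the cache is inactive.
      evaluationEngine.setResponseCache(responseCache);

      if (logger.isDebugEnabled()) {
        logger.debug("Instantiated EvaluationEngine: " + className);
      }

      contextUtil = new ContextUtil();

      if (logger.isDebugEnabled()) {
        logger.debug("Instantiated ContextUtil.");
      }
    } catch (Exception e) {
      logger.error("Failed to initialse the PEP ContextHandler", e);
      throw new PEPException(e.getMessage(), e);
    } finally {
      // The original never closed the stream, leaking a file handle on every call.
      if (is != null) {
        try {
          is.close();
        } catch (java.io.IOException ignored) {
          // Closing a stream that was only read from; nothing useful can be done here.
          logger.debug("Could not close config-melcoe-pep.xml: " + ignored.getMessage());
        }
      }
    }
  }

  /**
   * Returns the value of a mandatory attribute of a config element.
   *
   * @param node the element to read from
   * @param attribute the attribute name
   * @return the attribute value
   * @throws PEPException if the attribute is absent, instead of the bare NullPointerException
   *     the unchecked lookup produced
   */
  private String requiredAttribute(Node node, String attribute) throws PEPException {
    Node item = node.getAttributes() == null ? null : node.getAttributes().getNamedItem(attribute);
    if (item == null) {
      throw new PEPException(
          "Config element '" + node.getNodeName() + "' is missing the '" + attribute
              + "' attribute.");
    }
    return item.getNodeValue();
  }

  /**
   * Returns the node value of an element's first child, as the original code read it.
   *
   * @param element the element whose content is wanted
   * @return the first child's node value
   * @throws PEPException if the element has no children at all
   */
  private String requiredText(Node element) throws PEPException {
    Node first = element.getFirstChild();
    if (first == null) {
      throw new PEPException("Config element '" + element.getNodeName() + "' has no value.");
    }
    return first.getNodeValue();
  }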
예제 #2
 /*
  * (non-Javadoc)
  * @see org.fcrepo.server.security.xacml.pep.ContextHandler#evaluate(java.lang.String)
  */
 public String evaluate(String request) throws PEPException {
   // Pure pass-through: the request string reaches the configured evaluation engine exactly
   // as supplied, with no validation or normalisation at this layer, and the engine's answer
   // is returned untouched.
   final String response = evaluationEngine.evaluate(request);
   return response;
 }
예제 #3
 /*
  * (non-Javadoc)
  * @see org.fcrepo.server.security.xacml.pep.ContextHandler#evaluateBatch(java.lang.String[])
  */
 public String evaluateBatch(String[] requests) throws PEPException {
   // The whole array is handed to the engine's array overload of evaluate in a single call;
   // nothing is filtered or checked here, and the single String it returns goes back as is.
   final String combined = evaluationEngine.evaluate(requests);
   return combined;
 }
예제 #4
 /*
  * (non-Javadoc)
  * @see
  * org.fcrepo.server.security.xacml.pep.ContextHandler#evaluate(com.sun.xacml.ctx.RequestCtx)
  */
 public ResponseCtx evaluate(RequestCtx reqCtx) throws PEPException {
   // Typed variant of the pass-through: the request context is forwarded unchanged to the
   // configured evaluation engine and its response context is returned without inspection.
   final ResponseCtx decision = evaluationEngine.evaluate(reqCtx);
   return decision;
 }