예제 #1
0
  protected void store(String... fields) throws FactoryException {
    DataTypeFactory thisDataTypeFactory = this.getDataTypeFactory();
    Identifier identifierCategory = new IdentifierImpl(fields[0]);
    Identifier identifierAttribute = new IdentifierImpl(fields[1]);
    Identifier identifierDataType = new IdentifierImpl(fields[2]);
    String issuer = fields.length == 5 ? fields[3] : null;
    String value = fields[fields.length - 1];

    DataType<?> dataType = thisDataTypeFactory.getDataType(identifierDataType);
    if (dataType == null) {
      logger.error("Unknown data type " + identifierDataType.stringValue());
      return;
    }

    AttributeValue<?> attributeValue = null;
    try {
      attributeValue = dataType.createAttributeValue(value);
    } catch (DataTypeException ex) {
      throw new FactoryException("DataTypeException creating AttributeValue", ex);
    }
    Attribute attribute =
        new StdMutableAttribute(
            identifierCategory, identifierAttribute, attributeValue, issuer, false);
    this.listAttributes.add(attribute);
  }
예제 #2
0
  public static boolean repair(Node nodePolicySet) throws DOMStructureException {
    Element elementPolicySet = DOMUtil.getElement(nodePolicySet);
    boolean result = false;

    NodeList children = elementPolicySet.getChildNodes();
    int numChildren;
    boolean sawDescription = false;
    boolean sawPolicyIssuer = false;
    boolean sawPolicyDefaults = false;
    boolean sawTarget = false;
    boolean sawObligationExprs = false;
    boolean sawAdviceExprs = false;

    if (children != null && (numChildren = children.getLength()) > 0) {
      /*
       * Now process the other elements so we can pull up the parent policy defaults
       */
      for (int i = 0; i < numChildren; i++) {
        Node child = children.item(i);
        if (DOMUtil.isElement(child)) {
          if (DOMUtil.isInNamespace(child, XACML3.XMLNS)) {
            String childName = child.getLocalName();
            if (XACML3.ELEMENT_DESCRIPTION.equals(childName)) {
              if (sawDescription) {
                logger.warn("Unexpected element " + child.getNodeName());
                elementPolicySet.removeChild(child);
                result = true;
              } else {
                sawDescription = true;
              }
            } else if (XACML3.ELEMENT_POLICYISSUER.equals(childName)) {
              if (sawPolicyIssuer) {
                logger.warn("Unexpected element " + child.getNodeName());
                elementPolicySet.removeChild(child);
                result = true;
              } else {
                sawPolicyIssuer = true;
                result = DOMPolicyIssuer.repair(child) || result;
              }
            } else if (XACML3.ELEMENT_POLICYSETDEFAULTS.equals(childName)) {
              if (sawPolicyDefaults) {
                logger.warn("Unexpected element " + child.getNodeName());
                elementPolicySet.removeChild(child);
                result = true;
              } else {
                sawPolicyDefaults = true;
                result = DOMPolicyDefaults.repair(child) || result;
              }
            } else if (XACML3.ELEMENT_TARGET.equals(childName)) {
              if (sawTarget) {
                logger.warn("Unexpected element " + child.getNodeName());
                elementPolicySet.removeChild(child);
                result = true;
              } else {
                sawTarget = true;
                result = DOMTarget.repair(child) || result;
              }
            } else if (XACML3.ELEMENT_POLICYSET.equals(childName)) {
              result = DOMPolicySet.repair(child) || result;
            } else if (XACML3.ELEMENT_POLICY.equals(childName)) {
              result = DOMPolicy.repair(child) || result;
            } else if (XACML3.ELEMENT_POLICYIDREFERENCE.equals(childName)) {
              result = DOMPolicyIdReference.repair(child) || result;
            } else if (XACML3.ELEMENT_POLICYSETIDREFERENCE.equals(childName)) {
              result = DOMPolicySetIdReference.repair(child) || result;
            } else if (XACML3.ELEMENT_COMBINERPARAMETERS.equals(childName)) {
              result = DOMCombinerParameter.repair(child) || result;
            } else if (XACML3.ELEMENT_POLICYCOMBINERPARAMETERS.equals(childName)) {
              result = DOMPolicyCombinerParameter.repair(child) || result;
            } else if (XACML3.ELEMENT_POLICYSETCOMBINERPARAMETERS.equals(childName)) {
              result = DOMPolicySetCombinerParameter.repair(child) || result;
            } else if (XACML3.ELEMENT_OBLIGATIONEXPRESSIONS.equals(childName)) {
              if (sawObligationExprs) {
                logger.warn("Unexpected element " + child.getNodeName());
                elementPolicySet.removeChild(child);
                result = true;
              } else {
                sawObligationExprs = true;
                result = DOMObligationExpression.repairList(child) || result;
              }
            } else if (XACML3.ELEMENT_ADVICEEXPRESSIONS.equals(childName)) {
              if (sawAdviceExprs) {
                logger.warn("Unexpected element " + child.getNodeName());
                elementPolicySet.removeChild(child);
                result = true;
              } else {
                sawAdviceExprs = true;
                result = DOMAdviceExpression.repairList(child) || result;
              }
            } else {
              logger.warn("Unexpected element " + child.getNodeName());
              elementPolicySet.removeChild(child);
              result = true;
            }
          } else {
            logger.warn("Unexpected element " + child.getNodeName());
            elementPolicySet.removeChild(child);
            result = true;
          }
        }
      }
    }
    if (!sawTarget) {
      throw DOMUtil.newMissingElementException(nodePolicySet, XACML3.XMLNS, XACML3.ELEMENT_TARGET);
    }

    /*
     * Get the attributes
     */
    result =
        DOMUtil.repairIdentifierAttribute(elementPolicySet, XACML3.ATTRIBUTE_POLICYSETID, logger)
            || result;
    result =
        DOMUtil.repairVersionAttribute(elementPolicySet, XACML3.ATTRIBUTE_VERSION, logger)
            || result;
    result =
        DOMUtil.repairIdentifierAttribute(
                elementPolicySet,
                XACML3.ATTRIBUTE_POLICYCOMBININGALGID,
                XACML3.ID_POLICY_DENY_OVERRIDES,
                logger)
            || result;

    Identifier identifier =
        DOMUtil.getIdentifierAttribute(elementPolicySet, XACML3.ATTRIBUTE_POLICYCOMBININGALGID);
    CombiningAlgorithm<PolicySetChild> combiningAlgorithm = null;
    try {
      combiningAlgorithm =
          CombiningAlgorithmFactory.newInstance().getPolicyCombiningAlgorithm(identifier);
    } catch (FactoryException ex) {
      combiningAlgorithm = null;
    }
    if (combiningAlgorithm == null) {
      logger.warn(
          "Setting invalid "
              + XACML3.ATTRIBUTE_POLICYCOMBININGALGID
              + " attribute "
              + identifier.stringValue()
              + " to "
              + XACML3.ID_POLICY_DENY_OVERRIDES.stringValue());
      elementPolicySet.setAttribute(
          XACML3.ATTRIBUTE_POLICYCOMBININGALGID, XACML3.ID_POLICY_DENY_OVERRIDES.stringValue());
      result = true;
    }

    return result;
  }