/**
 * Creates the {@code Target} that a policy decision is requested for.
 *
 * @param subject    subject the decision is requested for
 * @param resourceId id of the resource being accessed
 * @param actionId   id of the action being performed
 * @return a new {@code Target} built from the three arguments, passed through unchanged
 */
protected Target buildPolicyTarget(Subject subject, String resourceId, String actionId) {
    final Target policyTarget = new Target(subject, resourceId, actionId);
    return policyTarget;
}
/**
 * Translates a {@code PDPRequest} into a new XACML {@code RequestDocument}.
 *
 * The request is filled in a fixed order: environment, subject, the license principal of
 * the subject (written to the environment, going by the helper's name), resource id,
 * action id. Only the ids of resource and action are carried over, and the target's type
 * is not transferred, so policies evaluated against the resulting document cannot depend
 * on those values.
 *
 * @param pRequest request to translate
 * @return the newly created XACML request document
 * @throws XmlException declared by this method; presumably raised by the conversion
 *                      helpers (not visible here)
 */
private RequestDocument convert52nRequestToXACMLRequest(final PDPRequest pRequest) throws XmlException {
    RequestDocument requestDoc = RequestDocument.Factory.newInstance();
    RequestType xacmlRequest = requestDoc.addNewRequest();
    Target requestTarget = pRequest.getTarget();

    // The helpers all write into the same request object; keep the call order as it is.
    convertEnvironmentToXACMLEnvironment(pRequest.getEnvironment(), xacmlRequest);
    convertSubjectToXACMLSubject(requestTarget.getSubject(), xacmlRequest);
    convertLicensePrincipalOfSubjectToXACMLEnvironment(requestTarget.getSubject(), xacmlRequest);

    // todo: support complex resource and action attributes and not only ids
    convertResourceToXACMLResource(requestTarget.getResourceId(), xacmlRequest);
    convertActionToXACMLAction(requestTarget.getActionId(), xacmlRequest);

    // the target type is ignored!
    return requestDoc;
}
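/**
 * Returns the permissions for the subject, action and resource of the given target.
 *
 * The subject is identified by the name of its first {@code UsernameIDPrincipal}; the
 * lookup itself is delegated to the (subject name, action, resource) overload.
 * NOTE(review): if a subject can carry several {@code UsernameIDPrincipal}s, only the
 * first one returned by the iterator is used - confirm that this is intended.
 *
 * @param pTarget target whose subject, action and resource are evaluated
 * @return the result of the delegated lookup
 * @throws DecisionProcessingException if the subject has no {@code UsernameIDPrincipal}
 */
public List getPermissions(Target pTarget) throws DecisionProcessingException {
    Iterator principalIterator =
            pTarget.getSubject().getPrincipals(UsernameIDPrincipal.class).iterator();

    // A subject without a username principal must be reported as a
    // DecisionProcessingException. Calling next() on an empty iterator would throw
    // NoSuchElementException instead and bypass the check below.
    UsernameIDPrincipal userNameIDprincipal = null;
    if (principalIterator.hasNext()) {
        userNameIDprincipal = (UsernameIDPrincipal) principalIterator.next();
    }
    if (userNameIDprincipal == null) {
        throw new DecisionProcessingException(
                "Subject for PDP request contains no username or id");
    }

    String lSubject = userNameIDprincipal.getName();
    return getPermissions(lSubject, pTarget.getAction(), pTarget.getResource());
}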
/**
 * Returns a diagnostic representation containing the subject, the resource attributes
 * and the action attributes of this target.
 *
 * The string forms of the subject and of both attribute sets are embedded as they are,
 * so any log line that includes this value also contains them.
 *
 * @return text of the form
 *         {@code org.n52.security.decision.Target{subject=..., resourceAttributes=..., actionAttributes=...}}
 */
public String toString() {
    return new StringBuffer()
            .append("org.n52.security.decision.Target")
            .append("{subject=").append(getSubject())
            .append(", resourceAttributes=").append(getResourceAttributes())
            .append(", actionAttributes=").append(getActionAttributes())
            .append('}')
            .toString();
}
}
SOSInterceptorGlobals.PERMISSION_PROCEDURES + "/" + prop).toString(); Target target = new Target(subject, resourceId, actionId); PDPRequest request = new PDPRequest(target); reqCollection.add(request); String targetResourceId = t.getResourceId();
/**
 * Returns the id of the resource; an alias of {@link #getResourceId()}.
 *
 * @return the value of {@link #getResourceId()}
 * @deprecated use {@link #getResourceId()} to get the id of the resource
 */
public String getResource() {
    final String resourceId = getResourceId();
    return resourceId;
}
Target tTarget = new Target(pSubject, (String) item.getTargetId(), actionId); PDPRequest request = new PDPRequest(tTarget); reqCollection.add(request); if (response.isPermit()) { Target t = requestForResponse.getTarget(); String layerName = (String) availableLayers.getItem(t.getResource()).getAppItem(); allowedLayers.add(layerName);
Set tPrincipals = target.getSubject().getPrincipals(); String lPermCollType = target.getType(); if (lPermCollType == null || lPermCollType.equals("")) { throw new DecisionProcessingException("Target must specify a PermissionCollection type"); lPermColl.getPermission(tPrincipals, target.getResource(), target.getAction()); if (tPermission == null) { response = new PDPResponse(PDPResponse.DECISION_DENY, request);
/**
 * Returns the id of the action; an alias of {@link #getActionId()}.
 *
 * @return the value of {@link #getActionId()}
 * @deprecated use {@link #getActionId()} to get the id of the action.
 */
public String getAction() {
    final String actionId = getActionId();
    return actionId;
}
/**
 * Returns the string value stored under {@code RESOURCE_TYPE} in the resource attributes.
 *
 * @return the resource type attribute as a string; what is returned when the attribute
 *         is absent depends on {@code getStringAttributeValue} (not visible here)
 * @deprecated use an application specific type attribute.
 */
public String getType() {
    final String resourceType = getResourceAttributes().getStringAttributeValue(RESOURCE_TYPE);
    return resourceType;
}
/**
 * Returns the string value stored under {@code ACTION_ID} in the action attributes.
 *
 * @return the action id; what is returned when the attribute is absent depends on
 *         {@code getStringAttributeValue} (not visible here)
 */
public String getActionId() {
    final String actionId = getActionAttributes().getStringAttributeValue(ACTION_ID);
    return actionId;
}
/**
 * Compares this request with another object.
 *
 * Two requests are equal when the other object is a {@code PDPRequest} and both the
 * environment and the target are equal. The environment is compared first; the target
 * is compared only if the environments match.
 * NOTE(review): assumes {@code m_environment} and {@code m_target} are never null, and
 * no matching {@code hashCode()} is visible in this excerpt - confirm both.
 *
 * @param o object to compare with
 * @return {@code true} if {@code o} is an equal {@code PDPRequest}
 */
public boolean equals(final Object o) {
    if (this == o) {
        return true;
    }
    if (!(o instanceof PDPRequest)) {
        return false;
    }
    final PDPRequest other = (PDPRequest) o;
    return m_environment.equals(other.m_environment)
            && m_target.equals(other.m_target);
}
SOSInterceptorGlobals.PERMISSION_OBSERVED_PROPERTIES + "/" + prop).toString(); Target target = new Target(pSubject, resourceId, actionId); PDPRequest request = new PDPRequest(target); reqCollection.add(request); String targetResource = t.getResourceId();
String id = (String) allIds.getItem(t.getResourceId()).getAppItem(); if (!response.isPermit()) { notAllowedIds.add(id);
TargetItem item = new TargetItem(tLayer, resourceId); itemsCollection.addItem(item); Target tTarget = new Target(pSubject, resourceId, actionId); PDPRequest request = new PDPRequest(tTarget); reqCollection.add(request); if (!response.isPermit()) { Target t = requestForResponse.getTarget(); String targetResource = t.getResource(); TargetItem responseItem = itemsCollection.getItem(targetResource); lManipulator.trimLayerAndStyle((String) responseItem.getAppItem());
/**
 * Stores the given id under {@code RESOURCE_ID} in the resource attributes.
 *
 * @param resourceId id of the resource; passed to {@code putAttribute} unchanged
 */
public void setResourceId(final String resourceId) {
    getResourceAttributes().putAttribute(RESOURCE_ID, resourceId);
}
/**
 * Stores the given id under {@code ACTION_ID} in the action attributes.
 *
 * @param actionId id of the action; passed to {@code putAttribute} unchanged
 */
public void setActionId(final String actionId) {
    getActionAttributes().putAttribute(ACTION_ID, actionId);
}
SOSInterceptorGlobals.PERMISSION_FEATURE_OF_INTERESTS + "/" + foiID).toString(); Target target = new Target(subject, resourceId, actionId); PDPRequest request = new PDPRequest(target); reqCollection.add(request); String targetResourceId = t.getResourceId();
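/**
 * Puts the decision for a request into the decision cache.
 *
 * Nothing is stored when the cache is stopped, when {@code m_maxCacheTime} is negative,
 * or when the cache already holds {@code m_maxEntries} entries. The cached response
 * keeps only the decision and the obligations; its request is replaced by one with an
 * empty {@code Target}, so the entry holds no reference to the original request.
 *
 * @param request request the decision belongs to; used only to derive the cache key
 * @param resp    response whose decision and obligations are cached
 */
private void store(final PDPRequest request, final PDPResponse resp) {
    if (m_stopped || m_maxCacheTime < 0) {
        return;
    }

    // store a copy to ensure no memory leaks because of pdp responses/requests!
    CacheEntry entry = new CacheEntry(
            new PDPResponse(resp.getDecision(), new PDPRequest(new Target()), resp.getObligations()));
    String key = getCacheKey(request);

    synchronized (m_lock) {
        // '>=' keeps the cache at no more than m_maxEntries entries; the previous '>'
        // still inserted when the cache was exactly full and let it grow to
        // m_maxEntries + 1.
        if (m_decisionCache.size() >= m_maxEntries) {
            // don't insert once the limit is reached!
            return;
        }
        m_decisionCache.put(key, entry);
    }
}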
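/**
 * Creates the decision-cache key for a request.
 *
 * The key is built from the username of the subject, the resource id, the action id,
 * the license id of the subject and the hash code of the environment. Each string
 * component is written with its length in front of it, and a missing value is written
 * as {@code -}. Two different (user, resource, action, license) tuples can therefore
 * never produce the same key, even if a value contains the separator characters or
 * equals the text used for a missing value. This matters because a key collision would
 * hand the cached decision of one request to another.
 *
 * NOTE(review): the environment is represented only by {@code hashCode()}; different
 * environments with the same hash code still share a key. Consider a canonical string
 * form if the environment type offers one.
 * NOTE(review): of the subject, only the username and the license id are part of the
 * key. If decisions can depend on other principals, confirm that they cannot differ
 * between two subjects with the same username.
 *
 * @param req request to derive the key from
 * @return the cache key
 */
private String getCacheKey(final PDPRequest req) {
    String resource = req.getTarget().getResourceId();
    String action = req.getTarget().getActionId();
    String env = String.valueOf(req.getEnvironment().hashCode());

    SubjectPrincipalAnalyzer principalAnalyzer =
            new SubjectPrincipalAnalyzer(req.getTarget().getSubject());
    // a null username (anonymous subject) is encoded as the "missing" marker
    String userid = principalAnalyzer.getUsername();

    LicenseReference licref = LicensingUtils.getLicenseReference(req.getTarget().getSubject());
    String licId = licref != null ? licref.getLicenseId() : null;

    StringBuffer sb = new StringBuffer();
    appendKeyPart(sb, "U:", userid);
    appendKeyPart(sb, "R:", resource);
    appendKeyPart(sb, "A:", action);
    appendKeyPart(sb, "L:", licId);
    sb.append("E:").append(env);
    String key = sb.toString();

    if (LOG.isTraceEnabled()) {
        LOG.trace("generate hash-key <" + key + "> for request <" + req + ">");
    }
    return key;
}

/**
 * Appends one key component as {@code tag + length + ':' + value + ';'}, or as
 * {@code tag + '-' + ';'} when the value is null, so that component boundaries are
 * unambiguous.
 */
private static void appendKeyPart(final StringBuffer sb, final String tag, final String value) {
    sb.append(tag);
    if (value == null) {
        sb.append('-');
    } else {
        sb.append(value.length()).append(':').append(value);
    }
    sb.append(';');
}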