public String toString() { final StringBuffer sb = new StringBuffer(); sb.append("org.n52.security.decision.PDPResponse"); sb.append("{decision=").append(getDecision()); sb.append(", obligations=").append(getObligations()); sb.append(", request=").append(getRequest()); sb.append('}'); return sb.toString(); }
private PDPResponse lookUp(final PDPRequest req) { if (m_stopped || m_maxCacheTime < 0) { // cache disabled return null; } String key = getCacheKey(req); CacheEntry cacheEntry = null; synchronized (m_lock) { cacheEntry = m_decisionCache.get(key); } long now = System.currentTimeMillis(); PDPResponse resp = null; if (cacheEntry != null && cacheEntry.getInserted() > (now - m_maxCacheTime) && (resp = cacheEntry.getResponse()) != null) { if (LOG.isTraceEnabled()) { LOG.trace("cache hit for <" + req + "> --return--> <" + resp + ">"); } m_hitCount.incrementAndGet(); // return copy to ensure that the request object is the input param! return new PDPResponse(resp.getDecision(), req, resp.getObligations()); } m_missCount.incrementAndGet(); return null; }
private void handleObligations(PDPResponse response) throws EnforcementServiceException { Collection lObligations = response.getObligations();
String ucString = ""; String srs = ""; for (Obligation obligation : response.getObligations()) {
String ucString = ""; String srs = ""; for (Obligation obligation : response.getObligations()) {
PDPResponse response = resIterator.next(); if (response.hasObligations()) { for (Obligation obligation : response.getObligations()) { if (obligation.getId().equals(SOSInterceptorGlobals.OBLIGATION_TIME)) { obligationBeginDate =
for (Obligation obligation : response.getObligations()) {
for (Obligation obligation : response.getObligations()) {
private void store(final PDPRequest request, final PDPResponse resp) { if (m_stopped || m_maxCacheTime < 0) { return; } // store copy to ensure no memory leeks because of pdp responses/requests! CacheEntry entry = new CacheEntry(new PDPResponse(resp.getDecision(), new PDPRequest(new Target()), resp.getObligations())); String key = getCacheKey(request); synchronized (m_lock) { int size = m_decisionCache.size(); if (size > m_maxEntries) { // don't insert if limit is exceeded! return; } m_decisionCache.put(key, entry); } }
for (Obligation obligation : response.getObligations()) { if (obligation.getId().equals(SOSInterceptorGlobals.OBLIGATION_BBOX)) { srs =
for (Obligation obligation : response.getObligations()) { if (obligation.getId().equals(SOSInterceptorGlobals.OBLIGATION_TIME)) { beginDate =
protected boolean isAccessPermitted( final WebSecurityProcessingContext securityCtx, final WebContext webCtx) { String resourceId = buildResourceId(webCtx); String actionId = buildActionId(webCtx.getRequest().getMethod()); Target target = buildPolicyTarget(securityCtx.getSubject(), resourceId, actionId); try { PDPResponseCollection respcol = m_decisionService.request(new PDPRequestCollection().add(new PDPRequest(target))); PDPResponse decision = (PDPResponse) respcol.iterator().next(); if (decision.isPermit()) { Collection<Obligation> obligations = decision.getObligations(); // we store the obligations ot fulfil in the context // TODO: create an obligation processor interface or the like? securityCtx.setSharedProcessingState("url.processing.obligations", obligations); return true; } return false; } catch (Throwable ex) { throw new WebSecurityProcessingException("error during policy decision processing of ressourceId <" + resourceId + "> action <" + actionId + "> blocking access!" + ex, ex); } }
String targetResource = t.getResource(); TargetItem responseItem = itemsCollection.getItem(targetResource); lManipulator.handleObligations(response.getObligations(), (String) responseItem.getAppItem());