org.jboss.security.xacml.sunxacml
Class AbstractPolicy

java.lang.Object
  extended by org.jboss.security.xacml.sunxacml.AbstractPolicy
All Implemented Interfaces:
PolicyTreeElement
Direct Known Subclasses:
Policy, PolicyReference, PolicySet

public abstract class AbstractPolicy
extends Object
implements PolicyTreeElement

Represents an instance of an XACML policy.

Since:
1.0
Author:
Seth Proctor, Marco Barreno

Constructor Summary
protected AbstractPolicy()
          Constructor used by PolicyReference, which supplies its own values for the methods in this class.
protected AbstractPolicy(Node root, String policyPrefix, String combiningName)
          Constructor used by child classes to initialize the shared data from a DOM root node.
protected AbstractPolicy(URI id, String version, CombiningAlgorithm combiningAlg, String description, Target target)
          Constructor used to create a policy from concrete components.
protected AbstractPolicy(URI id, String version, CombiningAlgorithm combiningAlg, String description, Target target, String defaultVersion)
          Constructor used to create a policy from concrete components.
protected AbstractPolicy(URI id, String version, CombiningAlgorithm combiningAlg, String description, Target target, String defaultVersion, Set obligations, List parameters)
          Constructor used to create a policy from concrete components.
 
Method Summary
protected  void encodeCommonElements(OutputStream output, Indenter indenter)
          Routine used by Policy and PolicySet to encode some common elements.
 Result evaluate(EvaluationCtx context)
          Tries to evaluate the policy by calling the combining algorithm on the given policies or rules.
 List getChildElements()
          Returns the List of CombinerElements that is provided to the combining algorithm.
 List getChildren()
          Returns the List of children under this node in the policy tree.
 CombiningAlgorithm getCombiningAlg()
          Returns the combining algorithm used by this policy
 List getCombiningParameters()
          Returns the list of input parameters for the combining algorithm.
 String getDefaultVersion()
          Returns the XPath version to use or null if none was specified
 String getDescription()
          Returns the given description of this policy or null if there is no description
 URI getId()
          Returns the id of this policy
 PolicyMetaData getMetaData()
          Returns the meta-data associated with this policy
 Set getObligations()
          Returns the Set of obligations for this policy, which may be empty
 Target getTarget()
          Returns the target for this policy
 String getVersion()
          Returns the version of this policy.
 MatchResult match(EvaluationCtx context)
          Given the input context sees whether or not the request matches this policy.
protected  void setChildren(List children)
          Sets the child policy tree elements for this node, which are passed to the combining algorithm on evaluation.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.jboss.security.xacml.sunxacml.PolicyTreeElement
encode, encode
 

Constructor Detail

AbstractPolicy

protected AbstractPolicy()
Constructor used by PolicyReference, which supplies its own values for the methods in this class.


AbstractPolicy

protected AbstractPolicy(URI id,
                         String version,
                         CombiningAlgorithm combiningAlg,
                         String description,
                         Target target)
Constructor used to create a policy from concrete components.

Parameters:
id - the policy id
version - the policy version or null for the default (this is always null for pre-2.0 policies)
combiningAlg - the combining algorithm to use
description - describes the policy or null if there is none
target - the policy's target

AbstractPolicy

protected AbstractPolicy(URI id,
                         String version,
                         CombiningAlgorithm combiningAlg,
                         String description,
                         Target target,
                         String defaultVersion)
Constructor used to create a policy from concrete components.

Parameters:
id - the policy id
version - the policy version or null for the default (this is always null for pre-2.0 policies)
combiningAlg - the combining algorithm to use
description - describes the policy or null if there is none
target - the policy's target
defaultVersion - the XPath version to use for selectors

AbstractPolicy

protected AbstractPolicy(URI id,
                         String version,
                         CombiningAlgorithm combiningAlg,
                         String description,
                         Target target,
                         String defaultVersion,
                         Set obligations,
                         List parameters)
Constructor used to create a policy from concrete components.

Parameters:
id - the policy id
version - the policy version or null for the default (this is always null for pre-2.0 policies)
combiningAlg - the combining algorithm to use
description - describes the policy or null if there is none
target - the policy's target
defaultVersion - the XPath version to use for selectors
obligations - the policy's obligations

AbstractPolicy

protected AbstractPolicy(Node root,
                         String policyPrefix,
                         String combiningName)
                  throws ParsingException
Constructor used by child classes to initialize the shared data from a DOM root node.

Parameters:
root - the DOM root of the policy
policyPrefix - either "Policy" or "PolicySet"
combiningName - name of the field naming the combining alg
Throws:
ParsingException - if the policy is invalid
Method Detail

getId

public URI getId()
Returns the id of this policy

Specified by:
getId in interface PolicyTreeElement
Returns:
the policy id

getVersion

public String getVersion()
Returns the version of this policy. If this is an XACML 1.x policy then this will always return "1.0".

Returns:
the policy version

getCombiningAlg

public CombiningAlgorithm getCombiningAlg()
Returns the combining algorithm used by this policy

Returns:
the combining algorithm

getCombiningParameters

public List getCombiningParameters()
Returns the list of input parameters for the combining algorithm. If this is an XACML 1.x policy then the list will always be empty.

Returns:
a List of CombinerParameters

getDescription

public String getDescription()
Returns the given description of this policy or null if there is no description

Specified by:
getDescription in interface PolicyTreeElement
Returns:
the description or null

getTarget

public Target getTarget()
Returns the target for this policy

Specified by:
getTarget in interface PolicyTreeElement
Returns:
the policy's target

getDefaultVersion

public String getDefaultVersion()
Returns the XPath version to use or null if none was specified

Returns:
XPath version or null

getChildren

public List getChildren()
Returns the List of children under this node in the policy tree. Depending on what kind of policy this node represents the children will either be AbstractPolicy objects or Rules.

Specified by:
getChildren in interface PolicyTreeElement
Returns:
a List of child nodes

getChildElements

public List getChildElements()
Returns the List of CombinerElements that is provided to the combining algorithm. This returns the same set of children that getChildren provides along with any associated combiner parameters.

Returns:
a List of CombinerElements

getObligations

public Set getObligations()
Returns the Set of obligations for this policy, which may be empty

Returns:
the policy's obligations

getMetaData

public PolicyMetaData getMetaData()
Returns the meta-data associated with this policy


match

public MatchResult match(EvaluationCtx context)
Given the input context sees whether or not the request matches this policy. This must be called by combining algorithms before they evaluate a policy. This is also used in the initial policy finding operation to determine which top-level policies might apply to the request.

Specified by:
match in interface PolicyTreeElement
Parameters:
context - the representation of the request
Returns:
the result of trying to match the policy and the request

setChildren

protected void setChildren(List children)
Sets the child policy tree elements for this node, which are passed to the combining algorithm on evaluation. The List must contain CombinerElements, which in turn will contain Rules or AbstractPolicys, but may not contain both types of elements.

Parameters:
children - a List of CombinerElements representing the child elements used by the combining algorithm

evaluate

public Result evaluate(EvaluationCtx context)
Tries to evaluate the policy by calling the combining algorithm on the given policies or rules. The match method must always be called first, and must always return MATCH, before this method is called.

Specified by:
evaluate in interface PolicyTreeElement
Parameters:
context - the representation of the request
Returns:
the result of evaluation

encodeCommonElements

protected void encodeCommonElements(OutputStream output,
                                    Indenter indenter)
Routine used by Policy and PolicySet to encode some common elements.

Parameters:
output - a stream into which the XML-encoded data is written
indenter - an object that creates indentation strings


Copyright © 2009 JBoss, a division of Red Hat, Inc.. All Rights Reserved.