Package org.ow2.authzforce.core.pdp.impl.io

Class SingleDecisionXacmlJaxbRequestPreprocessor

  • All Implemented Interfaces:
    org.ow2.authzforce.core.pdp.api.DecisionRequestPreprocessor<oasis.names.tc.xacml._3_0.core.schema.wd_17.Request,​org.ow2.authzforce.core.pdp.api.io.IndividualXacmlJaxbRequest>
    public final class SingleDecisionXacmlJaxbRequestPreprocessor
extends org.ow2.authzforce.core.pdp.api.io.BaseXacmlJaxbRequestPreprocessor
    Default XACML/XML Request preprocessor Individual Decision Requests only (no support of Multiple Decision Profile in particular)
    Version:
    $Id: $

    • Nested Class Summary

      Nested Classes 
      Modifier and Type Class Description
      static class  SingleDecisionXacmlJaxbRequestPreprocessor.LaxVariantFactory
      Factory for this type of request preprocessor that allows duplicate <Attribute> with same meta-data in the same <Attributes> element of a Request (complying with XACML 3.0 core spec, §7.3.3).
      static class  SingleDecisionXacmlJaxbRequestPreprocessor.StrictVariantFactory
      Factory for this type of request preprocessor that does NOT allow duplicate <Attribute> with same meta-data in the same <Attributes> element of a Request (NOT complying fully with XACML 3.0 core spec, §7.3.3).

      • Nested classes/interfaces inherited from class org.ow2.authzforce.core.pdp.api.io.BaseXacmlJaxbRequestPreprocessor

        org.ow2.authzforce.core.pdp.api.io.BaseXacmlJaxbRequestPreprocessor.Factory

    • Field Summary

      • Fields inherited from class org.ow2.authzforce.core.pdp.api.io.BaseXacmlJaxbRequestPreprocessor

        UNSUPPORTED_MULTI_REQUESTS_EXCEPTION

    • Constructor Summary

      Constructors 
      Constructor Description
      SingleDecisionXacmlJaxbRequestPreprocessor​(org.ow2.authzforce.core.pdp.api.value.AttributeValueFactoryRegistry datatypeFactoryRegistry, org.ow2.authzforce.core.pdp.api.DecisionRequestFactory<org.ow2.authzforce.core.pdp.api.ImmutableDecisionRequest> requestFactory, boolean strictAttributeIssuerMatch, boolean allowAttributeDuplicates, boolean requireContentForXPath, Set<String> extraPdpFeatures)
      Creates instance of default request preprocessor
      SingleDecisionXacmlJaxbRequestPreprocessor​(org.ow2.authzforce.core.pdp.api.value.AttributeValueFactoryRegistry datatypeFactoryRegistry, org.ow2.authzforce.core.pdp.api.DecisionRequestFactory<org.ow2.authzforce.core.pdp.api.ImmutableDecisionRequest> requestFactory, boolean strictAttributeIssuerMatch, boolean allowAttributeDuplicates, boolean requireContentForXPath, Set<String> extraPdpFeatures, Optional<org.ow2.authzforce.core.pdp.api.io.NamedXacmlAttributeParser<oasis.names.tc.xacml._3_0.core.schema.wd_17.Attribute>> namedAttributeParser)
      Creates instance of default request preprocessor

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      List<org.ow2.authzforce.core.pdp.api.io.IndividualXacmlJaxbRequest> process​(List<oasis.names.tc.xacml._3_0.core.schema.wd_17.Attributes> attributesList, org.ow2.authzforce.core.pdp.api.io.SingleCategoryXacmlAttributesParser<oasis.names.tc.xacml._3_0.core.schema.wd_17.Attributes> xacmlAttrsParser, boolean isApplicablePolicyIdListReturned, boolean combinedDecision, Optional<org.ow2.authzforce.core.pdp.api.expression.XPathCompilerProxy> xPathCompiler, Map<String,​String> namespaceURIsByPrefix)  

      • Methods inherited from class org.ow2.authzforce.core.pdp.api.io.BaseXacmlJaxbRequestPreprocessor

        getInputRequestType, getOutputRequestType, process

    • Constructor Detail

      • SingleDecisionXacmlJaxbRequestPreprocessor

        public SingleDecisionXacmlJaxbRequestPreprocessor​(org.ow2.authzforce.core.pdp.api.value.AttributeValueFactoryRegistry datatypeFactoryRegistry,
                                                  org.ow2.authzforce.core.pdp.api.DecisionRequestFactory<org.ow2.authzforce.core.pdp.api.ImmutableDecisionRequest> requestFactory,
                                                  boolean strictAttributeIssuerMatch,
                                                  boolean allowAttributeDuplicates,
                                                  boolean requireContentForXPath,
                                                  Set<String> extraPdpFeatures,
                                                  Optional<org.ow2.authzforce.core.pdp.api.io.NamedXacmlAttributeParser<oasis.names.tc.xacml._3_0.core.schema.wd_17.Attribute>> namedAttributeParser)
        Creates instance of default request preprocessor
        Parameters:
        datatypeFactoryRegistry - attribute datatype registry
        requestFactory - decision request factory
        strictAttributeIssuerMatch - true iff strict attribute Issuer match must be enforced (in particular request attributes with empty Issuer only match corresponding AttributeDesignators with empty Issuer)
        allowAttributeDuplicates - true iff duplicate Attribute (with same metadata) elements in Request (for multi-valued attributes) must be allowed
        requireContentForXPath - true iff Content elements must be parsed, else ignored
        extraPdpFeatures - extra - not mandatory per XACML 3.0 core specification - features supported by the PDP engine. This preprocessor checks whether it is supported by the PDP before processing the request further.
        namedAttributeParser - custom parser of named Attributes, to customize how XACML Attributes are converted into instance of AuthzForce internal Attribute class

      • SingleDecisionXacmlJaxbRequestPreprocessor

        public SingleDecisionXacmlJaxbRequestPreprocessor​(org.ow2.authzforce.core.pdp.api.value.AttributeValueFactoryRegistry datatypeFactoryRegistry,
                                                  org.ow2.authzforce.core.pdp.api.DecisionRequestFactory<org.ow2.authzforce.core.pdp.api.ImmutableDecisionRequest> requestFactory,
                                                  boolean strictAttributeIssuerMatch,
                                                  boolean allowAttributeDuplicates,
                                                  boolean requireContentForXPath,
                                                  Set<String> extraPdpFeatures)
        Creates instance of default request preprocessor
        Parameters:
        datatypeFactoryRegistry - attribute datatype registry
        requestFactory - decision request factory
        strictAttributeIssuerMatch - true iff strict attribute Issuer match must be enforced (in particular request attributes with empty Issuer only match corresponding AttributeDesignators with empty Issuer)
        allowAttributeDuplicates - true iff duplicate Attribute (with same metadata) elements in Request (for multi-valued attributes) must be allowed
        requireContentForXPath - true iff Content elements must be parsed, else ignored
        extraPdpFeatures - extra - not mandatory per XACML 3.0 core specification - features supported by the PDP engine. This preprocessor checks whether it is supported by the PDP before processing the request further.

    • Method Detail

      • process

        public List<org.ow2.authzforce.core.pdp.api.io.IndividualXacmlJaxbRequest> process​(List<oasis.names.tc.xacml._3_0.core.schema.wd_17.Attributes> attributesList,
                                                                                   org.ow2.authzforce.core.pdp.api.io.SingleCategoryXacmlAttributesParser<oasis.names.tc.xacml._3_0.core.schema.wd_17.Attributes> xacmlAttrsParser,
                                                                                   boolean isApplicablePolicyIdListReturned,
                                                                                   boolean combinedDecision,
                                                                                   Optional<org.ow2.authzforce.core.pdp.api.expression.XPathCompilerProxy> xPathCompiler,
                                                                                   Map<String,​String> namespaceURIsByPrefix)
                                                                            throws org.ow2.authzforce.core.pdp.api.IndeterminateEvaluationException
        Specified by:
        process in class org.ow2.authzforce.core.pdp.api.io.BaseXacmlJaxbRequestPreprocessor
        Throws:
        org.ow2.authzforce.core.pdp.api.IndeterminateEvaluationException