📄 engine.java
字号:
/*
* Copyright (c) 2006, University of Kent
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* Redistributions of source code must retain the above copyright notice, this
* list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* 1. Neither the name of the University of Kent nor the names of its
* contributors may be used to endorse or promote products derived from this
* software without specific prior written permission.
*
* 2. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
* IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
* THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED.
*
* 3. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* 4. YOU AGREE THAT THE EXCLUSIONS IN PARAGRAPHS 2 AND 3 ABOVE ARE REASONABLE
* IN THE CIRCUMSTANCES. IN PARTICULAR, YOU ACKNOWLEDGE (1) THAT THIS
* SOFTWARE HAS BEEN MADE AVAILABLE TO YOU FREE OF CHARGE, (2) THAT THIS
* SOFTWARE IS NOT "PRODUCT" QUALITY, BUT HAS BEEN PRODUCED BY A RESEARCH
* GROUP WHO DESIRE TO MAKE THIS SOFTWARE FREELY AVAILABLE TO PEOPLE WHO WISH
* TO USE IT, AND (3) THAT BECAUSE THIS SOFTWARE IS NOT OF "PRODUCT" QUALITY
* IT IS INEVITABLE THAT THERE WILL BE BUGS AND ERRORS, AND POSSIBLY MORE
* SERIOUS FAULTS, IN THIS SOFTWARE.
*
* 5. This license is governed, except to the extent that local laws
* necessarily apply, by the laws of England and Wales.
*/
/*
* Engine.java
*
* Created on 12 July 2006, 11:44
*
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
*/
package uk.ac.kent.dpa.obligation.engine;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.*;
import javax.xml.parsers.*;
import java.util.*;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import issrg.web.service.EncodeXML;
/**
*
* @author ls97
*/
public class Engine {
private static int SUBJECT = 0;
private static int RESOURCE = 1;
private static int ACTION = 2;
private static int ENVIRONMENT = 3;
private Element obligations; //XACML obligations
private Element requestContext; //XACML request context
private static Log logger = LogFactory.getLog(Engine.class.getName());
/** Creates a new instance of Engine */
public Engine(Element obligationIn,Element reqCtxIn) {
this.obligations = obligationIn;
this.requestContext = reqCtxIn;
}
/**
* given obligations and a request context, which are set in the constructor,
* the obligations are enforced.
* @return Element, a XACML request context contains the result.
**/
public Element execute() throws EngineException {
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setValidating(false);
Document doc = null;
try {
doc = factory.newDocumentBuilder().newDocument();
} catch (ParserConfigurationException pe) {
throw new EngineException("XML parser error:"+pe);
}
Element req = doc.createElement("Request");
req.setAttribute("xmlns","urn:oasis:names:tc:xacml:1.0:context");
req.setAttribute("xmlns:xsi","http://www.w3.org/2001/XMLSchema-instance");
Element env = doc.createElement("Environment");
Node obligations = this.obligations;
Node requestContext = this.requestContext;
if (!obligations.getNodeName().equals("Obligations"))
throw new EngineException("the input is not valid XACML obligations");
if (!requestContext.getNodeName().equals("Request"))
throw new EngineException("the input is not a valid XACML request");
NodeList list = obligations.getChildNodes();
for (int i=0; i<list.getLength(); i++) {
Node obligation = list.item(i);
if (Text.class.isAssignableFrom(obligation.getClass())) continue;
Element obl = (Element)obligation;
if (!obl.getAttribute("FulfillOn").equals("Permit")) continue;
String obligationId = obl.getAttribute("ObligationId");
NodeList list1 = obligation.getChildNodes();
for (int j=0; j<list1.getLength(); j++) {
Node assign = list1.item(j);
if (Text.class.isAssignableFrom(assign.getClass())) continue;
if (!assign.getNodeName().equals("AttributeAssignment"))
throw new EngineException("the input is not valid XACML obligations");
Element ass = (Element)assign;
String attributeId = ass.getAttribute("AttributeId");
if (attributeId==null)
throw new EngineException("the input is not valid XACML obligations (missing AttributeId or DataType)");
NodeList list2 = assign.getChildNodes();
Node apply = null;
int c = 0;
Element attribute = doc.createElement("Attribute");
attribute.setAttribute("AttributeId",attributeId);
attribute.setAttribute("DataType","");
attribute.setAttribute("obligationId",obligationId);
for (int k=0; k<list2.getLength(); k++) {
apply = list2.item(k);
if (Text.class.isAssignableFrom(apply.getClass())) continue;
c++;
String[] value = this.calculation(apply,this.requestContext);
for (int l=0; l<value.length; l++) {
Element attributeValue = doc.createElement("AttributeValue");
Text text = doc.createTextNode(value[l]);
attributeValue.appendChild(text);
attribute.appendChild(attributeValue);
}
}
if (c==0)
throw new EngineException("the input is not valid XACML obligations (missing value)");
env.appendChild(attribute);
}
}
if (env.getChildNodes().getLength()>0) req.appendChild(env);
return req;
}
/**
* given a Apply or AttributeDesignator element, to calculate its value.
* @return String[], in case it is a set value.
* Otherwise, the single value is the first element
**/
private String[] calculation(Node apply,Element reqCtx) throws EngineException {
Element ele = (Element)apply;
if (apply.getNodeName().equals("Apply")) {
String functionId = ele.getAttribute("FunctionId");
NodeList list = apply.getChildNodes();
ArrayList values = new ArrayList();
for (int i=0; i<list.getLength(); i++) {
Node node = list.item(i);
if (Text.class.isAssignableFrom(node.getClass())) continue;
values.add(this.calculation(node,reqCtx));
}
return this.process(functionId,values);
} else {
int type = -1;
if (apply.getNodeName().equals("ActionAttributeDesignator")) type=this.ACTION;
if (apply.getNodeName().equals("ResourceAttributeDesignator")) type=this.RESOURCE;
if (apply.getNodeName().equals("SubjectAttributeDesignator")) type=this.SUBJECT;
if (apply.getNodeName().equals("EnvironmentAttributeDesignator")) type=this.ENVIRONMENT;
if (type==-1) throw new EngineException("unknown attribute");
String attributeId = ele.getAttribute("AttributeId");
String dataType = ele.getAttribute("DataType");
return getValues(attributeId,dataType,reqCtx,type);
}
}
/**
* @param id, XACML function id
* @param operands, a list of arguments of the function. Each argument is String[]
*/
private String[] process(String id, ArrayList operands) throws EngineException {
ArrayList list = new ArrayList();
if (id.equals("urn:oasis:names:tc:xacml:1.0:function:integer-add")) {
int value = this.integerAdd(operands);
list.add(new Integer(value).toString());
} else if (id.equals("urn:oasis:names:tc:xacml:1.0:function:double-add")) {
double value = this.doubleAdd(operands);
list.add(new Float(value).toString());
} else if (id.equals("urn:oasis:names:tc:xacml:1.0:function:integer-subtract")) {
int value = this.integerSubtract(operands);
list.add(new Integer(value).toString());
} else if (id.equals("urn:oasis:names:tc:xacml:1.0:function:double-subtract")) {
double value = this.doubleSubtract(operands);
list.add(new Float(value).toString());
} else if (id.equals("urn:oasis:names:tc:xacml:1.0:function:integer-multiply")) {
int value = this.integerMultiply(operands);
list.add(new Integer(value).toString());
} else if (id.equals("urn:oasis:names:tc:xacml:1.0:function:double-multiply")) {
double value = this.doubleMultiply(operands);
list.add(new Float(value).toString());
} else if (id.equals("urn:oasis:names:tc:xacml:1.0:function:integer-divide")) {
int value = this.integerDivide(operands);
list.add(new Integer(value).toString());
} else if (id.equals("urn:oasis:names:tc:xacml:1.0:function:double-divide")) {
double value = this.doubleDivide(operands);
list.add(new Float(value).toString());
} else if (id.equals("urn:oasis:names:tc:xacml:2.0:function:string-concatenate")) {
String value = this.concate(operands);
list.add(value);
} else if (id.equals("urn:oasis:names:tc:xacml:1.0:function:integer-intersection")) {
String[] values = this.intersection(operands);
for (int i=0; i<values.length; i++) {
list.add(values[i]);
}
} else if (id.equals("urn:oasis:names:tc:xacml:1.0:function:double-intersection")) {
String[] values = this.intersection(operands);
for (int i=0; i<values.length; i++) {
list.add(values[i]);
}
} else if (id.equals("urn:oasis:names:tc:xacml:1.0:function:string-intersection")) {
String[] values = this.intersection(operands);
for (int i=0; i<values.length; i++) {
list.add(values[i]);
}
} else if (id.equals("urn:oasis:names:tc:xacml:1.0:function:integer-union")) {
String[] values = this.union(operands);
for (int i=0; i<values.length; i++) {
list.add(values[i]);
}
} else if (id.equals("urn:oasis:names:tc:xacml:1.0:function:double-union")) {
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -