org.wso2.carbon.identity.entitlement.stub.EntitlementServiceStub Java Examples
The following examples show how to use
org.wso2.carbon.identity.entitlement.stub.EntitlementServiceStub.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: SOAPEntitlementServiceClient.java From micro-integrator with Apache License 2.0 | 6 votes |
|
@Override
public boolean subjectCanActOnResource(String subjectType, String alias, String actionId, String resourceId,
String domainId, String appId) throws Exception {
Attribute subjectAttribute = new Attribute(ACCESS_SUBJECT, subjectType, ProxyConstants.DEFAULT_DATA_TYPE,
alias);
Attribute actionAttribute = new Attribute(ACTION, ACTION_ID, ProxyConstants.DEFAULT_DATA_TYPE, actionId);
Attribute resourceAttribute = new Attribute(RESOURCE, RESOURCE_ID, ProxyConstants.DEFAULT_DATA_TYPE,
resourceId);
Attribute environmentAttribute = new Attribute(CATEGORY_ENVIRONMENT, ENVIRONMENT_ID,
ProxyConstants.DEFAULT_DATA_TYPE, domainId);
Attribute[] tempArr = { subjectAttribute, actionAttribute, resourceAttribute, environmentAttribute };
String xacmlRequest = XACMLRequetBuilder.buildXACML3Request(tempArr);
EntitlementServiceStub stub = getEntitlementStub(serverUrl);
Authenticator authenticator = getAuthenticator(serverUrl, userName, password, authorizedCookie);
String result = getDecision(xacmlRequest, stub, authenticator);
stub._getServiceClient().cleanupTransport();
return result.contains("Permit");
}
Example #2
| Source File: SOAPEntitlementServiceClient.java From carbon-identity with Apache License 2.0 | 6 votes |
|
@Override
public boolean subjectCanActOnResource(String subjectType, String alias, String actionId,
String resourceId, String domainId, String appId) throws Exception {
Attribute subjectAttribute = new Attribute(ACCESS_SUBJECT, subjectType, ProxyConstants.DEFAULT_DATA_TYPE, alias);
Attribute actionAttribute = new Attribute(ACTION, ACTION_ID, ProxyConstants.DEFAULT_DATA_TYPE, actionId);
Attribute resourceAttribute = new Attribute(RESOURCE, RESOURCE_ID, ProxyConstants.DEFAULT_DATA_TYPE, resourceId);
Attribute environmentAttribute = new Attribute(CATEGORY_ENVIRONMENT, ENVIRONMENT_ID, ProxyConstants
.DEFAULT_DATA_TYPE, domainId);
Attribute[] tempArr = {subjectAttribute, actionAttribute, resourceAttribute, environmentAttribute};
String xacmlRequest = XACMLRequetBuilder.buildXACML3Request(tempArr);
EntitlementServiceStub stub = getEntitlementStub(serverUrl);
Authenticator authenticator = getAuthenticator(serverUrl, userName, password);
String result = getDecision(xacmlRequest, stub, authenticator);
stub._getServiceClient().cleanupTransport();
return result.contains("Permit");
}
Example #3
| Source File: SOAPEntitlementServiceClient.java From carbon-identity with Apache License 2.0 | 6 votes |
|
@Override
public boolean subjectCanActOnResource(String subjectType, String alias, String actionId,
String resourceId, Attribute[] attributes, String domainId, String appId)
throws Exception {
Attribute[] attrs = new Attribute[attributes.length + 4];
attrs[0] = new Attribute(ACCESS_SUBJECT, subjectType, ProxyConstants.DEFAULT_DATA_TYPE, alias);
for (int i = 0; i < attributes.length; i++) {
attrs[i + 1] = new Attribute(ACCESS_SUBJECT, attributes[i].getType(),
attributes[i].getId(), attributes[i].getValue());
}
attrs[attrs.length - 3] = new Attribute(ACTION, ACTION_ID, ProxyConstants
.DEFAULT_DATA_TYPE, actionId);
attrs[attrs.length - 2] = new Attribute(RESOURCE, RESOURCE_ID,
ProxyConstants.DEFAULT_DATA_TYPE, resourceId);
attrs[attrs.length - 1] = new Attribute(CATEGORY_ENVIRONMENT, ENVIRONMENT_ID, ProxyConstants.DEFAULT_DATA_TYPE, domainId);
String xacmlRequest = XACMLRequetBuilder.buildXACML3Request(attrs);
EntitlementServiceStub stub = getEntitlementStub(serverUrl);
Authenticator authenticator = getAuthenticator(serverUrl, userName, password);
String result = getDecision(xacmlRequest, stub, authenticator);
stub._getServiceClient().cleanupTransport();
return result.contains("Permit");
}
Example #4
| Source File: SOAPEntitlementServiceClient.java From carbon-identity with Apache License 2.0 | 6 votes |
|
private EntitledAttributesDTO[] getEntitledAttributes(String subjectName, String resourceName,
String subjectId, String action, boolean enableChildSearch,
EntitlementServiceStub stub, Authenticator authenticator) throws Exception {
EntitledResultSetDTO results;
try {
results = stub.getEntitledAttributes(subjectName, resourceName, subjectId, action,
enableChildSearch);
} catch (AxisFault e) {
if (ProxyConstants.SESSION_TIME_OUT.equals(e.getFaultCode().getLocalPart())) {
setAuthCookie(true, stub, authenticator);
results = stub.getEntitledAttributes(subjectName, resourceName, subjectId, action,
enableChildSearch);
} else {
throw e;
}
}
return results.getEntitledAttributesDTOs();
}
Example #5
| Source File: BasicAuthEntitlementServiceClient.java From carbon-identity with Apache License 2.0 | 6 votes |
|
@Override
public boolean subjectCanActOnResource(String subjectType, String alias, String actionId,
String resourceId, String domainId, String appId) throws Exception {
Attribute subjectAttribute = new Attribute(URN_OASIS_NAMES_TC_XACML_1_0_SUBJECT_CATEGORY_ACCESS_SUBJECT, subjectType, ProxyConstants.DEFAULT_DATA_TYPE, alias);
Attribute actionAttribute = new Attribute(URN_OASIS_NAMES_TC_XACML_3_0_ATTRIBUTE_CATEGORY_ACTION, URN_OASIS_NAMES_TC_XACML_1_0_ACTION_ACTION_ID, ProxyConstants.DEFAULT_DATA_TYPE, actionId);
Attribute resourceAttribute = new Attribute(URN_OASIS_NAMES_TC_XACML_3_0_ATTRIBUTE_CATEGORY_RESOURCE, URN_OASIS_NAMES_TC_XACML_1_0_RESOURCE_RESOURCE_ID, ProxyConstants.DEFAULT_DATA_TYPE, resourceId);
Attribute environmentAttribute = new Attribute(URN_OASIS_NAMES_TC_XACML_3_0_ATTRIBUTE_CATEGORY_ENVIRONMENT, URN_OASIS_NAMES_TC_XACML_1_0_ENVIRONMENT_ENVIRONMENT_ID, ProxyConstants.DEFAULT_DATA_TYPE, domainId);
Attribute[] tempArr = {subjectAttribute, actionAttribute, resourceAttribute, environmentAttribute};
String xacmlRequest = XACMLRequetBuilder.buildXACML3Request(tempArr);
EntitlementServiceStub stub = null;
try {
stub = getEntitlementStub(serverUrl);
String result = getDecision(xacmlRequest, stub);
return result.contains(XACML_DECISION_PERMIT);
} finally {
if (stub != null) {
stub._getServiceClient().cleanupTransport();
serviceStubPool.returnObject(stub);
}
}
}
Example #6
| Source File: SOAPEntitlementServiceClient.java From micro-integrator with Apache License 2.0 | 6 votes |
|
private EntitledAttributesDTO[] getEntitledAttributes(String subjectName, String resourceName, String subjectId,
String action, boolean enableChildSearch,
EntitlementServiceStub stub, Authenticator authenticator)
throws Exception {
EntitledResultSetDTO results;
try {
results = stub.getEntitledAttributes(subjectName, resourceName, subjectId, action, enableChildSearch);
} catch (AxisFault e) {
if (ProxyConstants.SESSION_TIME_OUT.equals(e.getFaultCode().getLocalPart())) {
setAuthCookie(true, stub, authenticator);
results = stub.getEntitledAttributes(subjectName, resourceName, subjectId, action, enableChildSearch);
} else {
throw e;
}
}
return results.getEntitledAttributesDTOs();
}
Example #7
| Source File: SOAPEntitlementServiceClient.java From micro-integrator with Apache License 2.0 | 6 votes |
|
@Override
public boolean subjectCanActOnResource(String subjectType, String alias, String actionId, String resourceId,
Attribute[] attributes, String domainId, String appId) throws Exception {
Attribute[] attrs = new Attribute[attributes.length + 4];
attrs[0] = new Attribute(ACCESS_SUBJECT, subjectType, ProxyConstants.DEFAULT_DATA_TYPE, alias);
for (int i = 0; i < attributes.length; i++) {
attrs[i + 1] = new Attribute(ACCESS_SUBJECT, attributes[i].getType(), attributes[i].getId(),
attributes[i].getValue());
}
attrs[attrs.length - 3] = new Attribute(ACTION, ACTION_ID, ProxyConstants.DEFAULT_DATA_TYPE, actionId);
attrs[attrs.length - 2] = new Attribute(RESOURCE, RESOURCE_ID, ProxyConstants.DEFAULT_DATA_TYPE, resourceId);
attrs[attrs.length - 1] = new Attribute(CATEGORY_ENVIRONMENT, ENVIRONMENT_ID, ProxyConstants.DEFAULT_DATA_TYPE,
domainId);
String xacmlRequest = XACMLRequetBuilder.buildXACML3Request(attrs);
EntitlementServiceStub stub = getEntitlementStub(serverUrl);
Authenticator authenticator = getAuthenticator(serverUrl, userName, password, authorizedCookie);
String result = getDecision(xacmlRequest, stub, authenticator);
stub._getServiceClient().cleanupTransport();
return result.contains("Permit");
}
Example #8
| Source File: BasicAuthEntitlementServiceClient.java From carbon-identity with Apache License 2.0 | 5 votes |
|
@Override
public List<String> getActionableChildResourcesForAlias(String alias, String parentResource,
String action, String appId) throws Exception {
EntitlementServiceStub stub = null;
try {
stub = getEntitlementStub(serverUrl);
return getResources(getEntitledAttributes(alias, parentResource,
ProxyConstants.SUBJECT_ID, action, true, stub));
} finally {
if (stub != null) {
stub._getServiceClient().cleanupTransport();
serviceStubPool.returnObject(stub);
}
}
}
Example #9
| Source File: BasicAuthEntitlementServiceClient.java From carbon-identity with Apache License 2.0 | 5 votes |
|
@Override
public List<String> getActionsForResource(String alias, String resource, String appId)
throws Exception {
EntitlementServiceStub stub = null;
try {
stub = getEntitlementStub(serverUrl);
return getActions(getEntitledAttributes(alias, resource,
ProxyConstants.SUBJECT_ID, null, false, stub));
} finally {
if (stub != null) {
stub._getServiceClient().cleanupTransport();
serviceStubPool.returnObject(stub);
}
}
}
Example #10
| Source File: BasicAuthEntitlementServiceClient.java From carbon-identity with Apache License 2.0 | 5 votes |
|
private EntitledAttributesDTO[] getEntitledAttributes(String subjectName, String resourceName,
String subjectId, String action, boolean enableChildSearch,
EntitlementServiceStub stub) throws Exception {
EntitledResultSetDTO results;
results = stub.getEntitledAttributes(subjectName, resourceName, subjectId, action,
enableChildSearch);
return results.getEntitledAttributesDTOs();
}
Example #11
| Source File: BasicAuthEntitlementServiceClient.java From carbon-identity with Apache License 2.0 | 5 votes |
|
@Override
public List<String> getActionableResourcesForAlias(String alias, String appId) throws Exception {
EntitlementServiceStub stub = null;
try {
stub = getEntitlementStub(serverUrl);
return getResources(getEntitledAttributes(alias, null, ProxyConstants.SUBJECT_ID, null, true, stub));
} finally {
if (stub != null) {
stub._getServiceClient().cleanupTransport();
serviceStubPool.returnObject(stub);
}
}
}
Example #12
| Source File: BasicAuthEntitlementServiceClient.java From carbon-identity with Apache License 2.0 | 5 votes |
|
@Override
public List<String> getResourcesForAlias(String alias, String appId) throws Exception {
EntitlementServiceStub stub = null;
try {
stub = getEntitlementStub(serverUrl);
return getResources(getEntitledAttributes(alias, null, ProxyConstants.SUBJECT_ID, null, false, stub));
} finally {
if (stub != null) {
stub._getServiceClient().cleanupTransport();
serviceStubPool.returnObject(stub);
}
}
}
Example #13
| Source File: BasicAuthEntitlementServiceClient.java From carbon-identity with Apache License 2.0 | 5 votes |
|
@Override
public boolean subjectCanActOnResource(String subjectType, String alias, String actionId,
String resourceId, Attribute[] attributes, String domainId, String appId)
throws Exception {
Attribute[] attrs = new Attribute[attributes.length + 4];
attrs[0] = new Attribute(URN_OASIS_NAMES_TC_XACML_1_0_SUBJECT_CATEGORY_ACCESS_SUBJECT, subjectType, ProxyConstants.DEFAULT_DATA_TYPE, alias);
for (int i = 0; i < attributes.length; i++) {
attrs[i + 1] = new Attribute(URN_OASIS_NAMES_TC_XACML_1_0_SUBJECT_CATEGORY_ACCESS_SUBJECT, attributes[i].getType(),
attributes[i].getId(), attributes[i].getValue());
}
attrs[attrs.length - 3] = new Attribute(URN_OASIS_NAMES_TC_XACML_3_0_ATTRIBUTE_CATEGORY_ACTION, URN_OASIS_NAMES_TC_XACML_1_0_ACTION_ACTION_ID, ProxyConstants.DEFAULT_DATA_TYPE, actionId);
attrs[attrs.length - 2] = new Attribute(URN_OASIS_NAMES_TC_XACML_3_0_ATTRIBUTE_CATEGORY_RESOURCE, URN_OASIS_NAMES_TC_XACML_1_0_RESOURCE_RESOURCE_ID, ProxyConstants.DEFAULT_DATA_TYPE, resourceId);
attrs[attrs.length - 1] = new Attribute(URN_OASIS_NAMES_TC_XACML_3_0_ATTRIBUTE_CATEGORY_ENVIRONMENT, URN_OASIS_NAMES_TC_XACML_1_0_ENVIRONMENT_ENVIRONMENT_ID, ProxyConstants.DEFAULT_DATA_TYPE, domainId);
String xacmlRequest = XACMLRequetBuilder.buildXACML3Request(attrs);
EntitlementServiceStub stub = null;
try {
stub = getEntitlementStub(serverUrl);
String result = getDecision(xacmlRequest, stub);
return result.contains(XACML_DECISION_PERMIT);
} finally {
if (stub != null) {
stub._getServiceClient().cleanupTransport();
serviceStubPool.returnObject(stub);
}
}
}
Example #14
| Source File: EntitlementServiceStubFactory.java From carbon-identity with Apache License 2.0 | 5 votes |
|
@Override
public Object makeObject() throws Exception {
EntitlementServiceStub stub = new EntitlementServiceStub(configurationContext,
targetEndpoint);
ServiceClient client = stub._getServiceClient();
Options options = client.getOptions();
options.setManageSession(true);
options.setProperty(HTTPConstants.AUTHENTICATE, authenticator);
return stub;
}
Example #15
| Source File: BasicAuthEntitlementServiceClient.java From carbon-identity with Apache License 2.0 | 5 votes |
|
@Override
public String getDecision(Attribute[] attributes, String appId) throws Exception {
EntitlementServiceStub stub = null;
try {
String xacmlRequest = XACMLRequetBuilder.buildXACML3Request(attributes);
stub = getEntitlementStub(serverUrl);
return getDecision(xacmlRequest, stub);
} finally {
if (stub != null) {
stub._getServiceClient().cleanupTransport();
serviceStubPool.returnObject(stub);
}
}
}
Example #16
| Source File: SOAPEntitlementServiceClient.java From micro-integrator with Apache License 2.0 | 5 votes |
|
@Override
public String getDecision(Attribute[] attributes, String appId) throws Exception {
String xacmlRequest = XACMLRequetBuilder.buildXACML3Request(attributes);
EntitlementServiceStub stub = getEntitlementStub(serverUrl);
Authenticator authenticator = getAuthenticator(serverUrl, userName, password, authorizedCookie);
String result = getDecision(xacmlRequest, stub, authenticator);
stub._getServiceClient().cleanupTransport();
return result;
}
Example #17
| Source File: SOAPEntitlementServiceClient.java From carbon-identity with Apache License 2.0 | 5 votes |
|
private String getDecision(String request, EntitlementServiceStub stub,
Authenticator authenticator) throws Exception {
try {
return stub.getDecision(request);
} catch (AxisFault e) {
if (ProxyConstants.SESSION_TIME_OUT.equals(e.getFaultCode().getLocalPart())) {
setAuthCookie(true, stub, authenticator);
return stub.getDecision(request);
} else {
throw e;
}
}
}
Example #18
| Source File: SOAPEntitlementServiceClient.java From carbon-identity with Apache License 2.0 | 5 votes |
|
@Override
public List<String> getActionableChildResourcesForAlias(String alias, String parentResource,
String action, String appId) throws Exception {
EntitlementServiceStub stub = getEntitlementStub(serverUrl);
Authenticator authenticator = getAuthenticator(serverUrl, userName,
password);
List<String> results = getResources(getEntitledAttributes(alias, parentResource,
ProxyConstants.SUBJECT_ID, action, true, stub, authenticator));
stub._getServiceClient().cleanupTransport();
return results;
}
Example #19
| Source File: SOAPEntitlementServiceClient.java From carbon-identity with Apache License 2.0 | 5 votes |
|
@Override
public List<String> getActionsForResource(String alias, String resource, String appId)
throws Exception {
EntitlementServiceStub stub = getEntitlementStub(serverUrl);
Authenticator authenticator = getAuthenticator(serverUrl, userName, password);
List<String> results = getActions(getEntitledAttributes(alias, resource,
ProxyConstants.SUBJECT_ID, null, false, stub, authenticator));
stub._getServiceClient().cleanupTransport();
return results;
}
Example #20
| Source File: SOAPEntitlementServiceClient.java From carbon-identity with Apache License 2.0 | 5 votes |
|
@Override
public List<String> getActionableResourcesForAlias(String alias, String appId) throws Exception {
EntitlementServiceStub stub = getEntitlementStub(serverUrl);
Authenticator authenticator = getAuthenticator(serverUrl, userName, password);
List<String> results = getResources(getEntitledAttributes(alias, null,
ProxyConstants.SUBJECT_ID, null, true, stub, authenticator));
stub._getServiceClient().cleanupTransport();
return results;
}
Example #21
| Source File: SOAPEntitlementServiceClient.java From carbon-identity with Apache License 2.0 | 5 votes |
|
@Override
public List<String> getResourcesForAlias(String alias, String appId) throws Exception {
EntitlementServiceStub stub = getEntitlementStub(serverUrl);
Authenticator authenticator = getAuthenticator(serverUrl, userName, password);
List<String> results = getResources(getEntitledAttributes(alias, null,
ProxyConstants.SUBJECT_ID, null, false, stub, authenticator));
stub._getServiceClient().cleanupTransport();
return results;
}
Example #22
| Source File: EntitlementServiceClient.java From carbon-apimgt with Apache License 2.0 | 5 votes |
|
/**
* This method will initiate entitlement service client which calls PDP
*
* @throws Exception whenever if failed to initiate client properly.
*/
public EntitlementServiceClient() throws Exception {
ConfigurationContext configContext;
try {
String repositoryBasePath = CarbonUtils.getCarbonHome() + File.separator + "repository";
String clientRepo = repositoryBasePath +
File.separator + "deployment" + File.separator + "client";
String clientAxisConf = repositoryBasePath +
File.separator + "conf" + File.separator + "axis2" + File.separator + "axis2_client.xml";
configContext = ConfigurationContextFactory.createConfigurationContextFromFileSystem(clientRepo, clientAxisConf);
String serviceEndPoint = EntitlementClientUtils.getServerUrl() + "EntitlementService";
entitlementServiceStub =
new EntitlementServiceStub(configContext, serviceEndPoint);
ServiceClient client = entitlementServiceStub._getServiceClient();
Options option = client.getOptions();
option.setProperty(HTTPConstants.COOKIE_STRING, null);
HttpTransportProperties.Authenticator auth = new HttpTransportProperties.Authenticator();
auth.setUsername(EntitlementClientUtils.getServerUsername());
auth.setPassword(EntitlementClientUtils.getServerPassword());
auth.setPreemptiveAuthentication(true);
option.setProperty(HTTPConstants.AUTHENTICATE, auth);
option.setManageSession(true);
} catch (Exception e) {
logger.error("Error while initiating entitlement service client ", e);
}
}
Example #23
| Source File: BasicAuthEntitlementServiceClient.java From micro-integrator with Apache License 2.0 | 5 votes |
|
@Override
public List<String> getResourcesForAlias(String alias, String appId) throws Exception {
EntitlementServiceStub stub = null;
try {
stub = getEntitlementStub(serverUrl);
return getResources(getEntitledAttributes(alias, null, ProxyConstants.SUBJECT_ID, null, false, stub));
} finally {
if (stub != null) {
stub._getServiceClient().cleanupTransport();
serviceStubPool.returnObject(stub);
}
}
}
Example #24
| Source File: SOAPEntitlementServiceClient.java From micro-integrator with Apache License 2.0 | 5 votes |
|
@Override
public List<String> getResourcesForAlias(String alias, String appId) throws Exception {
EntitlementServiceStub stub = getEntitlementStub(serverUrl);
Authenticator authenticator = getAuthenticator(serverUrl, userName, password, authorizedCookie);
List<String> results = getResources(
getEntitledAttributes(alias, null, ProxyConstants.SUBJECT_ID, null, false, stub, authenticator));
stub._getServiceClient().cleanupTransport();
return results;
}
Example #25
| Source File: SOAPEntitlementServiceClient.java From micro-integrator with Apache License 2.0 | 5 votes |
|
@Override
public List<String> getActionableResourcesForAlias(String alias, String appId) throws Exception {
EntitlementServiceStub stub = getEntitlementStub(serverUrl);
Authenticator authenticator = getAuthenticator(serverUrl, userName, password, authorizedCookie);
List<String> results = getResources(
getEntitledAttributes(alias, null, ProxyConstants.SUBJECT_ID, null, true, stub, authenticator));
stub._getServiceClient().cleanupTransport();
return results;
}
Example #26
| Source File: SOAPEntitlementServiceClient.java From micro-integrator with Apache License 2.0 | 5 votes |
|
@Override
public List<String> getActionsForResource(String alias, String resource, String appId) throws Exception {
EntitlementServiceStub stub = getEntitlementStub(serverUrl);
Authenticator authenticator = getAuthenticator(serverUrl, userName, password, authorizedCookie);
List<String> results = getActions(
getEntitledAttributes(alias, resource, ProxyConstants.SUBJECT_ID, null, false, stub, authenticator));
stub._getServiceClient().cleanupTransport();
return results;
}
Example #27
| Source File: SOAPEntitlementServiceClient.java From micro-integrator with Apache License 2.0 | 5 votes |
|
@Override
public List<String> getActionableChildResourcesForAlias(String alias, String parentResource, String action,
String appId) throws Exception {
EntitlementServiceStub stub = getEntitlementStub(serverUrl);
Authenticator authenticator = getAuthenticator(serverUrl, userName, password, authorizedCookie);
List<String> results = getResources(
getEntitledAttributes(alias, parentResource, ProxyConstants.SUBJECT_ID, action, true, stub,
authenticator));
stub._getServiceClient().cleanupTransport();
return results;
}
Example #28
| Source File: SOAPEntitlementServiceClient.java From micro-integrator with Apache License 2.0 | 5 votes |
|
private String getDecision(String request, EntitlementServiceStub stub, Authenticator authenticator)
throws Exception {
try {
return stub.getDecision(request);
} catch (AxisFault e) {
if (ProxyConstants.SESSION_TIME_OUT.equals(e.getFaultCode().getLocalPart())) {
setAuthCookie(true, stub, authenticator);
return stub.getDecision(request);
} else {
throw e;
}
}
}
Example #29
| Source File: BasicAuthEntitlementServiceClient.java From micro-integrator with Apache License 2.0 | 5 votes |
|
@Override
public String getDecision(Attribute[] attributes, String appId) throws Exception {
EntitlementServiceStub stub = null;
try {
String xacmlRequest = XACMLRequetBuilder.buildXACML3Request(attributes);
stub = getEntitlementStub(serverUrl);
return getDecision(xacmlRequest, stub);
} finally {
if (stub != null) {
stub._getServiceClient().cleanupTransport();
serviceStubPool.returnObject(stub);
}
}
}
Example #30
| Source File: BasicAuthEntitlementServiceClient.java From micro-integrator with Apache License 2.0 | 5 votes |
|
@Override
public boolean subjectCanActOnResource(String subjectType, String alias, String actionId, String resourceId,
String domainId, String appId) throws Exception {
Attribute subjectAttribute = new Attribute(URN_OASIS_NAMES_TC_XACML_1_0_SUBJECT_CATEGORY_ACCESS_SUBJECT,
subjectType, ProxyConstants.DEFAULT_DATA_TYPE, alias);
Attribute actionAttribute = new Attribute(URN_OASIS_NAMES_TC_XACML_3_0_ATTRIBUTE_CATEGORY_ACTION,
URN_OASIS_NAMES_TC_XACML_1_0_ACTION_ACTION_ID,
ProxyConstants.DEFAULT_DATA_TYPE, actionId);
Attribute resourceAttribute = new Attribute(URN_OASIS_NAMES_TC_XACML_3_0_ATTRIBUTE_CATEGORY_RESOURCE,
URN_OASIS_NAMES_TC_XACML_1_0_RESOURCE_RESOURCE_ID,
ProxyConstants.DEFAULT_DATA_TYPE, resourceId);
Attribute environmentAttribute = new Attribute(URN_OASIS_NAMES_TC_XACML_3_0_ATTRIBUTE_CATEGORY_ENVIRONMENT,
URN_OASIS_NAMES_TC_XACML_1_0_ENVIRONMENT_ENVIRONMENT_ID,
ProxyConstants.DEFAULT_DATA_TYPE, domainId);
Attribute[] tempArr = { subjectAttribute, actionAttribute, resourceAttribute, environmentAttribute };
String xacmlRequest = XACMLRequetBuilder.buildXACML3Request(tempArr);
EntitlementServiceStub stub = null;
try {
stub = getEntitlementStub(serverUrl);
String result = getDecision(xacmlRequest, stub);
return result.contains(XACML_DECISION_PERMIT);
} finally {
if (stub != null) {
stub._getServiceClient().cleanupTransport();
serviceStubPool.returnObject(stub);
}
}
}
