XACMLReaderWriter.java revision cb7ae3378eb7595a9f486c189a192af8390b1d5d
/*
* The contents of this file are subject to the terms of the Common Development and
* Distribution License (the License). You may not use this file except in compliance with the
* License.
*
* You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
* specific language governing permission and limitations under the License.
*
* When distributing Covered Software, include this CDDL Header Notice in each file and include
* the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
* Header, with the fields enclosed by brackets [] replaced by your own identifying
* information: "Portions copyright [year] [name of copyright owner]".
*
* Copyright 2014-2016 ForgeRock AS.
*/
/**
* Facade for reading and writing XACML and translating between XACML PolicySets and AM Privilege types.
*/
public class XACMLReaderWriter {
/**
* Reads a sequence of XACML policies as OpenAM Privileges.
*
* @param xacml Non null stream to read.
* @return The XACML policies translated to OpenAM privileges.
* @throws EntitlementException If there was any unexpected error.
*/
try {
} catch (JAXBException e) {
throw new EntitlementException(INVALID_XML, e);
}
}
/**
* Translate provided XACML PolicySet into OpenAM Privileges, ReferralPrivileges, Applications and ResourceTypes.
* XACML export file doesn't map Application and Resource Type completely and hence dummy ResourceType Ids
* are assigned to ResourceTypes created and same is used for linking Application, Privilege to the ResourceType.
* <p />
*
* From a policySet instance: <br />
* <li> An application is created for every unique application name found in the Policy instances.</li>
* <li> One ResourceType instance (with dummy uuid) per Policy is created.</li>
* <li> One instance of Privilege per Policy instance is created. </li>
*
* @param policySet The set of policies to translate
* @return OpenAM Privileges, ReferralPrivileges, Applications and ResourceTypes.
* @throws EntitlementException If there was any unexpected error.
*/
try {
return privilegeSet;
}
if (isReferralPolicy(policy)) {
continue;
}
if (application == null) {
}
// Create one resourceType instance (with a dummy uuid) per policy read from the XACML file.
// Later these instances with dummy ids will be replaced by either an existing instance
// in the data store or by a new instance created during Resource Type Import Step generation.
}
return privilegeSet;
} catch (JSONException e) {
throw new EntitlementException(JSON_PARSE_ERROR, e);
}
}
/**
* Translate provided OpenAM Privilege and ReferralPrivilege objects into XACML PolicySet.
*
* @param realm The realm to which the provided privileges belong.,
* @param privilegeSet The Privileges and ReferralPrivileges to translate.
* @return XACML PolicySet
* @throws EntitlementException If there was any unexpected error.
*/
PolicySet policySet = XACMLPrivilegeUtils.privilegesToPolicySet(realm, privilegeSet.getPrivileges());
try {
} catch (JSONException e) {
throw new EntitlementException(JSON_PARSE_ERROR, e);
} catch (JAXBException e) {
throw new EntitlementException(JSON_PARSE_ERROR, e);
}
}
return policySet;
}
}