public class StaticRefPolicyFinderModule extends PolicyFinderModule
PolicyFinderModule
that
supports retrieval based on reference, and is designed for use with a
run-time configuration. Its constructor accepts a List
of
String
s that represent URLs or files, and these are resolved
to policies when the module is initialized. Beyond this, there is no
modifying or re-loading the policies represented by this class. The
policy's identifiers are used for reference resolution.
Note that this class is designed to complement
StaticPolicyFinderModule
. It would be easy to support both
kinds of policy retrieval in a single class, but the functionality is
instead split between two classes. The reason is that when you define a
configuration for your PDP, it's easier to specify the two sets of policies
by using two different finder modules. Typically, there aren't many
policies that exist in both sets, so loading the sets separately isn't
a problem. If this is a concern to you, simply create your own class and
merge the two existing classes.
This module is provided as an example, but is still fully functional, and
should be useful for many simple applications. This is provided in the
support
package rather than the core codebase because it
implements non-standard behavior.
Constructor and Description |
---|
StaticRefPolicyFinderModule(List policyList)
Creates a
StaticRefPolicyFinderModule that provides
access to the given collection of policies. |
StaticRefPolicyFinderModule(List policyList,
String schemaFile)
Creates a
StaticRefPolicyFinderModule that provides
access to the given collection of policyList. |
Modifier and Type | Method and Description |
---|---|
PolicyFinderResult |
findPolicy(URI idReference,
int type,
VersionConstraints constraints,
PolicyMetaData parentMetaData)
Attempts to find a policy by reference, based on the provided
parameters.
|
void |
init(PolicyFinder finder)
Initialize this module.
|
boolean |
isIdReferenceSupported()
Always returns
true since this module does support
finding policies based on reference. |
findPolicy, getIdentifier, invalidateCache, isRequestSupported
public StaticRefPolicyFinderModule(List policyList)
StaticRefPolicyFinderModule
that provides
access to the given collection of policies. Any policy that cannot
be loaded will be noted in the log, but will not cause an error. The
schema file used to validate policies is defined by the property
PolicyReader.POLICY_SCHEMA_PROPERTY
. If the retrieved
property is null, then no schema validation will occur.policyList
- a List
of String
s that
represent URLs or files pointing to XACML policiespublic StaticRefPolicyFinderModule(List policyList, String schemaFile)
StaticRefPolicyFinderModule
that provides
access to the given collection of policyList.policyList
- a List
of String
s that
represent URLs or files pointing to XACML policiesschemaFile
- the schema file to validate policies against,
or null if schema validation is not desiredpublic boolean isIdReferenceSupported()
true
since this module does support
finding policies based on reference.isIdReferenceSupported
in class PolicyFinderModule
public void init(PolicyFinder finder)
PolicyFinder
when a PDP is created. This method is
where the policies are actually loaded.init
in class PolicyFinderModule
finder
- the PolicyFinder
using this modulepublic PolicyFinderResult findPolicy(URI idReference, int type, VersionConstraints constraints, PolicyMetaData parentMetaData)
findPolicy
in class PolicyFinderModule
idReference
- an identifier specifying some policytype
- type of reference (policy or policySet) as identified by
the fields in PolicyReference
constraints
- any optional constraints on the version of the
referenced policy (this will never be null, but
it may impose no constraints, and in fact will
never impose constraints when used from a pre-2.0
XACML policy)parentMetaData
- the meta-data from the parent policy, which
provides XACML version, factories, etc.Copyright © 2023 JBoss by Red Hat. All rights reserved.