public class BasicEvaluationCtx extends Object implements EvaluationCtx
EvaluationCtx
that is created from
an XACML Request and falls back on an AttributeFinder if a requested
value isn't available in the Request.
Note that this class can do some optional caching for current date, time, and dateTime values (defined by a boolean flag to the constructors). The XACML specification requires that these values always be available, but it does not specify whether or not they must remain constant over the course of an evaluation if the values are being generated by the PDP (if the values are provided in the Request, then obviously they will remain constant). The default behavior is for these environment values to be cached, so that (for example) the current time remains constant over the course of an evaluation.
RESOURCE_ID, RESOURCE_SCOPE, SCOPE_CHILDREN, SCOPE_DESCENDANTS, SCOPE_IMMEDIATE
Constructor and Description |
---|
BasicEvaluationCtx(RequestCtx request)
Constructs a new
BasicEvaluationCtx based on the given
request. |
BasicEvaluationCtx(RequestCtx request,
AttributeFinder finder)
Constructs a new
BasicEvaluationCtx based on the given
request, and supports looking outside the original request for attribute
values using the AttributeFinder . |
BasicEvaluationCtx(RequestCtx request,
AttributeFinder finder,
boolean cacheEnvValues)
Constructs a new
BasicEvaluationCtx based on the given
request, and supports looking outside the original request for attribute
values using the AttributeFinder . |
BasicEvaluationCtx(RequestCtx request,
boolean cacheEnvValues)
Constructs a new
BasicEvaluationCtx based on the given
request. |
Modifier and Type | Method and Description |
---|---|
EvaluationResult |
getActionAttribute(URI type,
URI id,
URI issuer)
Returns attribute value(s) from the action section of the request.
|
EvaluationResult |
getAttribute(String contextPath,
Node namespaceNode,
URI type,
String xpathVersion)
Returns the attribute value(s) retrieved using the given XPath
expression.
|
DateAttribute |
getCurrentDate()
Returns the value for the current date.
|
DateTimeAttribute |
getCurrentDateTime()
Returns the value for the current dateTime.
|
TimeAttribute |
getCurrentTime()
Returns the value for the current time.
|
EvaluationResult |
getEnvironmentAttribute(URI type,
URI id,
URI issuer)
Returns attribute value(s) from the environment section of the request.
|
Node |
getRequestRoot()
Returns the DOM root of the original RequestType XML document.
|
EvaluationResult |
getResourceAttribute(URI type,
URI id,
URI issuer)
Returns attribute value(s) from the resource section of the request.
|
AttributeValue |
getResourceId()
Returns the resource named in the request as resource-id.
|
int |
getScope()
Returns the resource scope of the request, which will be one of the
three fields denoting Immediate, Children, or Descendants.
|
EvaluationResult |
getSubjectAttribute(URI type,
URI id,
URI category)
Returns attribute value(s) from the subject section of the request
that have no issuer.
|
EvaluationResult |
getSubjectAttribute(URI type,
URI id,
URI issuer,
URI category)
Returns attribute value(s) from the subject section of the request.
|
void |
setResourceId(AttributeValue resourceId)
Changes the value of the resource-id attribute in this context.
|
public BasicEvaluationCtx(RequestCtx request) throws ParsingException
BasicEvaluationCtx
based on the given
request. The resulting context will cache current date, time, and
dateTime values so they remain constant for this evaluation.request
- the requestParsingException
- if a required attribute is missing, or if there
are any problems dealing with the request datapublic BasicEvaluationCtx(RequestCtx request, boolean cacheEnvValues) throws ParsingException
BasicEvaluationCtx
based on the given
request.request
- the requestcacheEnvValues
- whether or not to cache the current time, date,
and dateTime so they are constant for the scope
of this evaluationParsingException
- if a required attribute is missing, or if there
are any problems dealing with the request datapublic BasicEvaluationCtx(RequestCtx request, AttributeFinder finder) throws ParsingException
BasicEvaluationCtx
based on the given
request, and supports looking outside the original request for attribute
values using the AttributeFinder
. The resulting context
will cache current date, time, and dateTime values so they remain
constant for this evaluation.request
- the requestfinder
- an AttributeFinder
to use in looking for
attributes that aren't in the requestParsingException
- if a required attribute is missing, or if there
are any problems dealing with the request datapublic BasicEvaluationCtx(RequestCtx request, AttributeFinder finder, boolean cacheEnvValues) throws ParsingException
BasicEvaluationCtx
based on the given
request, and supports looking outside the original request for attribute
values using the AttributeFinder
.request
- the requestfinder
- an AttributeFinder
to use in looking for
attributes that aren't in the requestcacheEnvValues
- whether or not to cache the current time, date,
and dateTime so they are constant for the scope
of this evaluationParsingException
- if a required attribute is missing, or if there
are any problems dealing with the request datapublic Node getRequestRoot()
getRequestRoot
in interface EvaluationCtx
public int getScope()
getScope
in interface EvaluationCtx
public AttributeValue getResourceId()
getResourceId
in interface EvaluationCtx
public void setResourceId(AttributeValue resourceId)
setResourceId
in interface EvaluationCtx
resourceId
- the new resource-id valuepublic TimeAttribute getCurrentTime()
Note that the value supplied here applies only to dynamically resolved values, not those supplied in the Request. In other words, this always returns a dynamically resolved value local to the PDP, even if a different value was supplied in the Request. This is handled correctly when the value is requested by its identifier.
getCurrentTime
in interface EvaluationCtx
public DateAttribute getCurrentDate()
Note that the value supplied here applies only to dynamically resolved values, not those supplied in the Request. In other words, this always returns a dynamically resolved value local to the PDP, even if a different value was supplied in the Request. This is handled correctly when the value is requested by its identifier.
getCurrentDate
in interface EvaluationCtx
public DateTimeAttribute getCurrentDateTime()
Note that the value supplied here applies only to dynamically resolved values, not those supplied in the Request. In other words, this always returns a dynamically resolved value local to the PDP, even if a different value was supplied in the Request. This is handled correctly when the value is requested by its identifier.
getCurrentDateTime
in interface EvaluationCtx
public EvaluationResult getSubjectAttribute(URI type, URI id, URI category)
getSubjectAttribute
in interface EvaluationCtx
type
- the type of the attribute value(s) to findid
- the id of the attribute value(s) to findcategory
- the category the attribute value(s) must be inpublic EvaluationResult getSubjectAttribute(URI type, URI id, URI issuer, URI category)
getSubjectAttribute
in interface EvaluationCtx
type
- the type of the attribute value(s) to findid
- the id of the attribute value(s) to findissuer
- the issuer of the attribute value(s) to find or nullcategory
- the category the attribute value(s) must be inpublic EvaluationResult getResourceAttribute(URI type, URI id, URI issuer)
getResourceAttribute
in interface EvaluationCtx
type
- the type of the attribute value(s) to findid
- the id of the attribute value(s) to findissuer
- the issuer of the attribute value(s) to find or nullpublic EvaluationResult getActionAttribute(URI type, URI id, URI issuer)
getActionAttribute
in interface EvaluationCtx
type
- the type of the attribute value(s) to findid
- the id of the attribute value(s) to findissuer
- the issuer of the attribute value(s) to find or nullpublic EvaluationResult getEnvironmentAttribute(URI type, URI id, URI issuer)
getEnvironmentAttribute
in interface EvaluationCtx
type
- the type of the attribute value(s) to findid
- the id of the attribute value(s) to findissuer
- the issuer of the attribute value(s) to find or nullpublic EvaluationResult getAttribute(String contextPath, Node namespaceNode, URI type, String xpathVersion)
getAttribute
in interface EvaluationCtx
contextPath
- the XPath expression to searchnamespaceNode
- the DOM node defining namespace mappings to use,
or null if mappings come from the context roottype
- the type of the attribute value(s) to findxpathVersion
- the version of XPath to useCopyright © 2023 JBoss by Red Hat. All rights reserved.