Google Site Search

Google
 

Tuesday, February 1, 2011

Usage:JBoss XACML

Project PicketBox from JBoss has an XACML engine that can be used in a Java environment.

Assuming that your configuration file is available, something like the following should work for you:

import org.jboss.security.xacml.core.JBossPDP;
import org.jboss.security.xacml.interfaces.PolicyDecisionPoint;
import org.jboss.security.xacml.interfaces.XACMLConstants;
 
//Get hold of an InputStream to the config file 
ClassLoader tcl = Thread.currentThread().getContextClassLoader();
InputStream is = tcl.getResourceAsStream( MY_CONFIG_FILE );
PolicyDecisionPoint pdp = new JBossPDP(is);
//Form your RequestContext by some means
ResponseContext response = pdp.evaluate(request);
int decision = response.getDecision();
//Decision can be one of XACMLConstants.DECISION_DENY
//XACMLConstants.DECISION_PERMIT 
 
 
 
RequestContext requestContext = RequestResponseContextFactory.createRequestCtx();
//Read the xacml request from input stream
requestContext.readRequest( is );
requestContext.readRequest( node );  //Parse xacml request as DOM node 
 
============================

If you need to look at code examples: http://community.jboss.org/wiki/XACMLPDPSOAPService

1 comment:

Asankha Perera said...

Anil

I cannot find the JBossPDP class in the PicketBox 3.0.0.Final distribution any more

Also, it would be great if you could place the latest artifacts on Maven repositories for use by others

thanks
asankha