Source code: com/sun/xacml/finder/impl/CurrentEnvModule.java
1
2 /*
3 * @(#)CurrentEnvModule.java
4 *
5 * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions are met:
9 *
10 * 1. Redistribution of source code must retain the above copyright notice,
11 * this list of conditions and the following disclaimer.
12 *
13 * 2. Redistribution in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * Neither the name of Sun Microsystems, Inc. or the names of contributors may
18 * be used to endorse or promote products derived from this software without
19 * specific prior written permission.
20 *
21 * This software is provided "AS IS," without a warranty of any kind. ALL
22 * EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING
23 * ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
24 * OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN")
25 * AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE
26 * AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS
27 * DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST
28 * REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL,
29 * INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY
30 * OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE,
31 * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
32 *
33 * You acknowledge that this software is not designed or intended for use in
34 * the design, construction, operation or maintenance of any nuclear facility.
35 */
36
37 package com.sun.xacml.finder.impl;
38
39 import com.sun.xacml.EvaluationCtx;
40
41 import com.sun.xacml.attr.AttributeDesignator;
42 import com.sun.xacml.attr.AttributeValue;
43 import com.sun.xacml.attr.BagAttribute;
44 import com.sun.xacml.attr.DateAttribute;
45 import com.sun.xacml.attr.DateTimeAttribute;
46 import com.sun.xacml.attr.TimeAttribute;
47
48 import com.sun.xacml.cond.EvaluationResult;
49
50 import com.sun.xacml.ctx.Status;
51
52 import com.sun.xacml.finder.AttributeFinderModule;
53
54 import java.net.URI;
55
56 import java.util.ArrayList;
57 import java.util.Date;
58 import java.util.HashSet;
59 import java.util.Set;
60
61
62 /**
63 * Supports the current date, time, and dateTime values. The XACML
64 * specification states that these three values must always be available to
65 * a PDP. They may be included in the request, but if they're not, a PDP
66 * must be able to recognize the attribute and generate the correct value.
67 * The module provides support for this feature by generating real-time
68 * values as known at the host where this module is running.
69 * <p>
70 * This class uses the caching functions of <code>EvaluationCtx</code> to
71 * make sure that values are constant within an evaluation, if that is the
72 * desired behavior.
73 *
74 * @since 1.0
75 * @author Seth Proctor
76 */
77 public class CurrentEnvModule extends AttributeFinderModule
78 {
79
80 /**
81 * Standard environment variable that represents the current time
82 */
83 public static final String ENVIRONMENT_CURRENT_TIME =
84 "urn:oasis:names:tc:xacml:1.0:environment:current-time";
85
86 /**
87 * Standard environment variable that represents the current date
88 */
89 public static final String ENVIRONMENT_CURRENT_DATE =
90 "urn:oasis:names:tc:xacml:1.0:environment:current-date";
91
92 /**
93 * Standard environment variable that represents the current date and time
94 */
95 public static final String ENVIRONMENT_CURRENT_DATETIME =
96 "urn:oasis:names:tc:xacml:1.0:environment:current-dateTime";
97
98 /**
99 * Returns true always because this module supports designators.
100 *
101 * @return true always
102 */
103 public boolean isDesignatorSupported() {
104 return true;
105 }
106
107 /**
108 * Returns a <code>Set</code> with a single <code>Integer</code>
109 * specifying that environment attributes are supported by this
110 * module.
111 *
112 * @return a <code>Set</code> with
113 * <code>AttributeDesignator.ENVIRONMENT_TARGET</code> included
114 */
115 public Set getSupportedDesignatorTypes() {
116 HashSet set = new HashSet();
117 set.add(new Integer(AttributeDesignator.ENVIRONMENT_TARGET));
118 return set;
119 }
120
121 /**
122 * Used to get the current time, date, or dateTime. If one of those
123 * values isn't being asked for, or if the types are wrong, then an
124 * empty bag is returned.
125 *
126 * @param attributeType the datatype of the attributes to find, which
127 * must be time, date, or dateTime for this module
128 * to resolve a value
129 * @param attributeId the identifier of the attributes to find, which
130 * must be one of the three ENVIRONMENT_* fields for
131 * this module to resolve a value
132 * @param issuer the issuer of the attributes, or null if unspecified
133 * @param subjectCategory the category of the attribute or null, which
134 * ignored since this only handles non-subjects
135 * @param context the representation of the request data
136 * @param designatorType the type of designator, which must be
137 * ENVIRONMENT_TARGET for this module to resolve
138 * a value
139 *
140 * @return the result of attribute retrieval, which will be a bag with
141 * a single attribute, an empty bag, or an error
142 */
143 public EvaluationResult findAttribute(URI attributeType, URI attributeId,
144 URI issuer, URI subjectCategory,
145 EvaluationCtx context,
146 int designatorType) {
147 // we only know about environment attributes
148 if (designatorType != AttributeDesignator.ENVIRONMENT_TARGET)
149 return new EvaluationResult(BagAttribute.
150 createEmptyBag(attributeType));
151
152 // figure out which attribute we're looking for
153 String attrName = attributeId.toString();
154
155 if (attrName.equals(ENVIRONMENT_CURRENT_TIME)) {
156 return handleTime(attributeType, issuer, context);
157 } else if (attrName.equals(ENVIRONMENT_CURRENT_DATE)) {
158 return handleDate(attributeType, issuer, context);
159 } else if (attrName.equals(ENVIRONMENT_CURRENT_DATETIME)) {
160 return handleDateTime(attributeType, issuer, context);
161 }
162
163 // if we got here, then it's an attribute that we don't know
164 return new EvaluationResult(BagAttribute.
165 createEmptyBag(attributeType));
166 }
167
168 /**
169 * Handles requests for the current Time.
170 */
171 private EvaluationResult handleTime(URI type, URI issuer,
172 EvaluationCtx context) {
173 // make sure they're asking for a time attribute
174 if (! type.toString().equals(TimeAttribute.identifier))
175 return new EvaluationResult(BagAttribute.
176 createEmptyBag(type));
177
178 // see if there's a value already cached that we should use
179 TimeAttribute attr = context.getCurrentTime();
180
181 if (attr == null) {
182 // create the current time data
183 attr = new TimeAttribute();
184 context.setCurrentTime(attr);
185 }
186
187 return makeBag(attr);
188 }
189
190 /**
191 * Handles requests for the current Date.
192 */
193 private EvaluationResult handleDate(URI type, URI issuer,
194 EvaluationCtx context) {
195 // make sure they're asking for a date attribute
196 if (! type.toString().equals(DateAttribute.identifier))
197 return new EvaluationResult(BagAttribute.
198 createEmptyBag(type));
199
200 // see if there's a value already cached that we should use
201 DateAttribute attr = context.getCurrentDate();
202
203 if (attr == null) {
204 // create the current date data
205 attr = new DateAttribute();
206 context.setCurrentDate(attr);
207 }
208
209 return makeBag(attr);
210 }
211
212 /**
213 * Handles requests for the current DateTime.
214 */
215 private EvaluationResult handleDateTime(URI type, URI issuer,
216 EvaluationCtx context) {
217 // make sure they're asking for a dateTime attribute
218 if (! type.toString().equals(DateTimeAttribute.identifier))
219 return new EvaluationResult(BagAttribute.
220 createEmptyBag(type));
221
222 // see if there's a value already cached that we should use
223 DateTimeAttribute attr = context.getCurrentDateTime();
224
225 if (attr == null) {
226 // create the current dateTime data
227 attr = new DateTimeAttribute();
228 context.setCurrentDateTime(attr);
229 }
230
231 return makeBag(attr);
232 }
233
234 /**
235 * Private helper that generates a new processing error status and
236 * includes the given string.
237 */
238 private EvaluationResult makeProcessingError(String message) {
239 ArrayList code = new ArrayList();
240 code.add(Status.STATUS_PROCESSING_ERROR);
241 return new EvaluationResult(new Status(code, message));
242 }
243
244 /**
245 * Private helper that makes a bag containing only the given attribute.
246 */
247 private EvaluationResult makeBag(AttributeValue attribute) {
248 Set set = new HashSet();
249 set.add(attribute);
250
251 BagAttribute bag = new BagAttribute(attribute.getType(), set);
252
253 return new EvaluationResult(bag);
254 }
255
256 }