de.fzj.unicore.uas.security.util
Class RuleBuilder

java.lang.Object
  extended by de.fzj.unicore.uas.security.util.RuleBuilder

public class RuleBuilder
extends java.lang.Object

Helper to generate XACML rules using a nice, "fluent" API, based on the SUN XACML 1.0 implementation.

Author:
schuller

Constructor Summary
RuleBuilder()
           
 
Method Summary
 com.sun.xacml.Rule buildRule()
          build the resulting rule and return it
 RuleBuilder denyAccess()
           
 RuleBuilder forMethod(java.lang.String method)
          set the action (i.e. web service method name) this rule refers to
 RuleBuilder forRole(java.lang.String role)
           
protected  com.sun.xacml.cond.Apply getConditionAttributeMatches(java.lang.String attributeID, java.lang.String attributeValue, boolean mustBePresent)
          returns a condition expressing that the attribute defined by attributeID has to match the supplied value
protected  com.sun.xacml.cond.Apply getConditionOwnerMatches()
          returns a Condition expressing that the owner of a resource has to be matched
protected  com.sun.xacml.cond.Apply getConditionRoleMatches(java.lang.String role)
          returns a condition expressing that the given role has to be matched
protected  com.sun.xacml.Target getTarget()
          builds the rule target from the available information
 RuleBuilder ifOwnerMatches()
           
 RuleBuilder ifSubjectHasOptionalAttribute(java.lang.String attributeID, java.lang.String attributeValue)
           
 RuleBuilder ifSubjectHasRequiredAttribute(java.lang.String attributeID, java.lang.String attributeValue)
           
 RuleBuilder onService(java.lang.String serviceName)
          set the web service this rule refers to
 RuleBuilder onServiceInstance(java.lang.String serviceName, java.lang.String instanceID)
          set the WSRF instance this rule refers to
 RuleBuilder permitAccess()
           
 RuleBuilder setDescription(java.lang.String description)
           
 RuleBuilder setID(java.lang.String id)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

RuleBuilder

public RuleBuilder()

Method Detail

permitAccess

public RuleBuilder permitAccess()

denyAccess

public RuleBuilder denyAccess()

forMethod

public RuleBuilder forMethod(java.lang.String method)
set the action (i.e. web service method name) this rule refers to

Parameters:
method - the name of the web service method (e.g., "GetResourceProperty")
Returns:
this rule builder

forRole

public RuleBuilder forRole(java.lang.String role)

ifSubjectHasOptionalAttribute

public RuleBuilder ifSubjectHasOptionalAttribute(java.lang.String attributeID,
                                                 java.lang.String attributeValue)

ifSubjectHasRequiredAttribute

public RuleBuilder ifSubjectHasRequiredAttribute(java.lang.String attributeID,
                                                 java.lang.String attributeValue)

ifOwnerMatches

public RuleBuilder ifOwnerMatches()

setDescription

public RuleBuilder setDescription(java.lang.String description)

setID

public RuleBuilder setID(java.lang.String id)

onService

public RuleBuilder onService(java.lang.String serviceName)
set the web service this rule refers to

Parameters:
serviceName - the name of the web service
Returns:
this builder

onServiceInstance

public RuleBuilder onServiceInstance(java.lang.String serviceName,
                                     java.lang.String instanceID)
set the WSRF instance this rule refers to

Parameters:
serviceName - the name of the service
instanceID - the unique ID
Returns:
this builder

buildRule

public com.sun.xacml.Rule buildRule()
build the resulting rule and return it


getTarget

protected com.sun.xacml.Target getTarget()
builds the rule target from the available information

Returns:
Target

getConditionRoleMatches

protected com.sun.xacml.cond.Apply getConditionRoleMatches(java.lang.String role)
returns a condition expressing that the given role has to be matched

Parameters:
role -
Returns:

getConditionAttributeMatches

protected com.sun.xacml.cond.Apply getConditionAttributeMatches(java.lang.String attributeID,
                                                                java.lang.String attributeValue,
                                                                boolean mustBePresent)
returns a condition expressing that the attribute defined by attributeID has to match the supplied value

Parameters:
attributeID -
attributeValue -
mustBePresent - if true, failure to find the designated attribute will result in "Indeterminate"
Returns:

getConditionOwnerMatches

protected com.sun.xacml.cond.Apply getConditionOwnerMatches()
returns a Condition expressing that the owner of a resource has to be matched

Returns:


Copyright © 2006-2010 Research Center Juelich. All Rights Reserved.