6 Replies Latest reply on Feb 5, 2008 11:22 AM by anil.saldhana

    rough start with JBossPDP

    mario_lanza
    mario_lanza Aug 3, 2007 12:05 PM

      Hello,
      I'm just starting to look into this XACML stuff so I downloaded SX and SPI and AXCML modules, and using JAXB 2.0 with them.
      Regardless of Java version (1.5.6 or 1.6) I get with this code (which reads fine the file, checked that):

      ClassLoader tcl = Thread.currentThread().getContextClassLoader();
 InputStream is = tcl.getResourceAsStream("test-policy.xml");
 try
 {
 PolicyDecisionPoint pdp = new JBossPDP(is);

      a nice exception like this:
      java.lang.RuntimeException: javax.xml.bind.UnmarshalException
 - with linked exception:
[org.xml.sax.SAXParseException: cvc-elt.1: Cannot find the declaration of element 'Policy'.]
 at org.jboss.security.xacml.core.JBossPDP.<init>(JBossPDP.java:103)
 at TestApp.main(TestApp.java:38)

      caused by the line:JAXBElement<?> jxb = (JAXBElement<?>) unmarshaller.unmarshal(configFile);The policy starts like this, nothing fancy: 
      <?xml version="1.0" encoding="UTF-8"?>
<Policy
 xmlns="urn:oasis:names:tc:xacml:1.0:policy"
 RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:permit-overrides"
 PolicyId="ExamplePolicy">
 <Target>
 <Resources>
 <Resource>
...

      so I suppose there's something wrong with the environment, or stuff missing... or something else. Yes, I've read the XACML User Guide.
      Thank you in advance,
      M

      • 3785 Views
      • Tags:
        • 1. Re: rough start with JBossPDP
          anil.saldhana
          anil.saldhana Aug 3, 2007 2:51 PM (in response to mario_lanza)

          What you provide to the PDP construction is a configuration file(which internally lists the locations of your policy/policy sets). Look at page 4 of the user guide for an example of the configuration file.

          <ns:jbosspdp>
 <ns:Policies>
 <ns:PolicySet>
 <ns:Location>test/policies/interop/xacml-policySet.xml</ns:Location>
 <ns:Policy>
 <ns:Location>test/policies/interop/xacml-policy2.xml</ns:Location>
 </ns:Policy>
 <ns:Policy>
 <ns:Location>test/policies/interop/xacml-policy3.xml</ns:Location>
 </ns:Policy>
 <ns:Policy>
 <ns:Location>test/policies/interop/xacml-policy4.xml</ns:Location>
 </ns:Policy>
 <ns:Policy>
 <ns:Location>test/policies/interop/xacml-policy5.xml</ns:Location>
 </ns:Policy>
 </ns:PolicySet>
 </ns:Policies>
<ns:Locators>
 <ns:Locator>
 </ns:Locator>
</ns:Locators>
</ns:jbosspdp>


          I will need to clean up the user guide and make it more intuitive and descriptive (this is a beta release). For the GA release, I will get the user guide better. :)

          If you download the source jar, there are multiple junit tests that you can look at.

            • Actions
          • 2. Re: rough start with JBossPDP
            mario_lanza
            mario_lanza Aug 3, 2007 7:59 PM (in response to mario_lanza)

             

            "anil.saldhana@jboss.com" wrote:
            I will need to clean up the user guide and make it more intuitive and descriptive (this is a beta release). For the GA release, I will get the user guide better. :)

            If you download the source jar, there are multiple junit tests that you can look at.

            Thank you very much, I should have thought myself about the sources before asking... And yes, I had a heck of a fight with the user guide ;)
            On the other hand I'm quite surprised that I'm the first one posting here comments about this component... google says also zit... anyway, I'll dig on.
            Once again thanks,
            M

              • Actions
            • 3. Re: rough start with JBossPDP
              mario_lanza
              mario_lanza Aug 6, 2007 12:44 PM (in response to mario_lanza)

              Just one more question:
              I see there's the anonymous subversion link, but is there a way to access it with a subversion client? My Tortoise is behind a proxy which doesn't let it REPORT, if I use https it simply says the URL is not existing. Indeed, https://anonsvn.jboss.org/ shows a bunch of other JBoss projects but no jbossas...
              Regards,
              M

                • Actions
              • 4. Re: rough start with JBossPDP
                anil.saldhana
                anil.saldhana Aug 7, 2007 3:38 PM (in response to mario_lanza)

                Thanks for the comment on the user guide. It will go towards improving it. :)

                Why don't you just download the source jar which contains the source code and tests?

                If you want to use subversion, the link is:
                http://anonsvn.jboss.org/repos/jbossas/projects/security/security-xacml/tags/2.0.1-BETA/

                  • Actions
                • 5. Re: rough start with JBossPDP
                  javasutra
                  javasutra Jan 16, 2008 1:35 PM (in response to mario_lanza)

                  I noticed that the GA version of JBoss XACML seems to have gone away and the AS 5.0 release uses Sun's XACML. Does this mean that no further development of Sun's implementation is planned? From what I can tell, it is stalled and does not fully support XACML 2.0.

                  Thanks.

                    • Actions
                  • 6. Re: rough start with JBossPDP
                    anil.saldhana
                    anil.saldhana Feb 5, 2008 11:22 AM (in response to mario_lanza)

                     

                    "javasutra" wrote:
                    I noticed that the GA version of JBoss XACML seems to have gone away and the AS 5.0 release uses Sun's XACML. Does this mean that no further development of Sun's implementation is planned? From what I can tell, it is stalled and does not fully support XACML 2.0.

                    Thanks.


                    I have not integrated JBossXACML in AS5 yet. It is a minor exercise for me to do in a month or so.

                    Why do you have to worry about complete XACML v2.0 support if all you care is get your use cases working fine?


                      • Actions