ParsingException occurs while parsing sample xacml.xml
I'm getting started with working with XACML and I trying to work with JBoxx XACML for this. I found the "User Guide for JBoss XACML" and I'm working through it.
I'm trying to get a PolicyDecisionPoint
ClassLoader tcl = PolicyDecisionPointImpl.class.getClassLoader();
InputStream is = tcl.getResourceAsStream("myJBossXACMLConfig.xml");
PolicyDecisionPoint pdp = new JBossPDP(is);
My configuration file looks like this:
<?xml version="1.0" encoding="UTF-8"?> <jbosspdp xmlns="urn:jboss:xacml:2.0"> <Policies> <Policy> <Location>xacml-policy.xml</Location> </Policy> </Policies> <Locators> <Locator Name="org.jboss.security.xacml.locators.JBossPolicySetLocator" /> </Locators> </jbosspdp>
The xacml-policy.xml file is an exact copy of the sample provided in the developers-guide Chapter 4 Web Binding.
When I try to run my code to create the PDP an Exception is thrown:
Caused by: org.jboss.security.xacml.sunxacml.ParsingException: couldn't create http://www.w3.org/2001/XMLSchema#anyURI attribute based on DOM node at org.jboss.security.xacml.sunxacml.attr.BaseAttributeFactory.createValue(BaseAttributeFactory.java:201) at org.jboss.security.xacml.sunxacml.attr.BaseAttributeFactory.createValue(BaseAttributeFactory.java:157) at org.jboss.security.xacml.sunxacml.TargetMatch.getInstance(TargetMatch.java:249) at org.jboss.security.xacml.sunxacml.TargetMatchGroup.getInstance(TargetMatchGroup.java:111) at org.jboss.security.xacml.sunxacml.TargetSection.getInstance(TargetSection.java:116) at org.jboss.security.xacml.sunxacml.Target.getInstance(Target.java:185) at org.jboss.security.xacml.sunxacml.AbstractPolicy.<init>(AbstractPolicy.java:273) at org.jboss.security.xacml.sunxacml.Policy.<init>(Policy.java:305) at org.jboss.security.xacml.sunxacml.Policy.getInstance(Policy.java:427) at org.jboss.security.xacml.util.XACMLPolicyUtil.createPolicy(XACMLPolicyUtil.java:93) at org.jboss.security.xacml.core.JBossXACMLPolicy.<init>(JBossXACMLPolicy.java:85)
I'm using
<dependency> <groupId>org.jboss.security</groupId> <artifactId>jboss-xacml</artifactId> <version>2.0.3</version> </dependency>
Does any body know what is going wrong and how I can fix it?
Any suggestions are kindly appreciated.
With kind regards,
Marco Beelen
Software developer @ IPROFS
Content of the policy file for completness
<?xml version="1.0" encoding="UTF-8"?> <Policy xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:permit-overrides" Version="2.0" PolicyId="ExamplePolicy"> <Target> <Resources> <Resource> <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:anyURI-equal"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI"> http://test/developer-guide.html</AttributeValue> <ResourceAttributeDesignator DataType="http://www.w3.org/2001/XMLSchema#anyURI" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" /> </ResourceMatch> </Resource> </Resources> </Target> <Rule Effect="Permit" RuleId="ReadRule"> <Target> <Actions> <Action> <ActionMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">read</AttributeValue> <ActionAttributeDesignator DataType="http://www.w3.org/2001/XMLSchema#string" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" /> </ActionMatch> </Action> </Actions> </Target> <Condition> <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-is-in"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">developer </AttributeValue> <SubjectAttributeDesignator DataType="http://www.w3.org/2001/XMLSchema#string" AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role" /> </Apply> </Condition> </Rule> <!-- If none of the rules apply, deny the request --> <Rule Effect="Deny" RuleId="DenyRule" /> </Policy>
