1 Reply Latest reply on Jun 17, 2011 4:33 PM by anil.saldhana

Policy Target matching by WrapperPolicyFinderModule

paorocce Jun 16, 2011 7:50 AM

Dear all,

I'm testing the use of JBossPolicyLocator with policies from a directoy. The loading process works well, but when I ask for request evaluation I always get the "too many applicable top-level policies" status message.

After some code investigation I think the problem is in the WrapperPolicyFinderModule.findPolicy(EvaluationCtx evaluationCtx) method. This method does not properly match the Policy Target against the current request.

This problem does not affects the JBossPolicySetLocator, as it uses the PolicySetFinderModule class, that properly enforces the PolicySet target.

If this is correct, can you update the WrapperPolicyFinderModule.findPolicy(EvaluationCtx evaluationCtx) implementation to enforce the Policy Target content (in the same way the PolicySetFinderModule already does)?

I'm using JBossXACML version 2.0.6.

Thanks and Regards,

Paolo

1. Re: Policy Target matching by WrapperPolicyFinderModule

anil.saldhana Jun 17, 2011 4:33 PM (in response to paorocce)

Why don't you properly isolate your policies into PolicySets? If you throw a bunch of xacml policies at the engine, they most probably will not be properly isolated.
1 of 1 people found this helpful
Actions