http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AnnotatedAuditObligationHandler.java ---------------------------------------------------------------------- diff --git a/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AnnotatedAuditObligationHandler.java b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AnnotatedAuditObligationHandler.java new file mode 100755 index 0000000..c7a6780 --- /dev/null +++ b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AnnotatedAuditObligationHandler.java @@ -0,0 +1,36 @@ +package org.openliberty.openaz.pepapi.std.test.obligation; + +import junit.framework.Assert; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.openliberty.openaz.pepapi.Obligation; +import org.openliberty.openaz.pepapi.ObligationStore; +import org.openliberty.openaz.pepapi.ObligationStoreAware; +import org.openliberty.openaz.pepapi.MatchAnyObligation; + +import java.util.Set; + +@MatchAnyObligation("urn:oasis:names:tc:xacml:2.0:obligation:audit") +public class AnnotatedAuditObligationHandler implements ObligationStoreAware { + + private static Log log = LogFactory.getLog(AnnotatedAuditObligationHandler.class); + + private ObligationStore obligationStore; + + public void enforce() { + Set<Obligation> obligationSet = obligationStore.getHandlerObligations(this.getClass()); + if(obligationSet.size() == 1) { + for(Obligation obligation: obligationSet) { + Assert.assertEquals("urn:oasis:names:tc:xacml:2.0:obligation:audit", obligation.getId()); + log.info(obligation.getId()); + } + }else { + Assert.assertFalse(true); + } + } + + @Override + public void setObligationStore(ObligationStore obligationStore) { + this.obligationStore = obligationStore; + } +}
http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AnnotatedCatchAllObligationHandler.java ---------------------------------------------------------------------- diff --git a/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AnnotatedCatchAllObligationHandler.java b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AnnotatedCatchAllObligationHandler.java new file mode 100755 index 0000000..0e74d8d --- /dev/null +++ b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AnnotatedCatchAllObligationHandler.java @@ -0,0 +1,36 @@ +package org.openliberty.openaz.pepapi.std.test.obligation; + +import junit.framework.Assert; +import org.openliberty.openaz.pepapi.Obligation; +import org.openliberty.openaz.pepapi.ObligationStore; +import org.openliberty.openaz.pepapi.ObligationStoreAware; +import org.openliberty.openaz.pepapi.MatchAnyObligation; + +import java.util.HashSet; +import java.util.Set; + +@MatchAnyObligation +public class AnnotatedCatchAllObligationHandler implements ObligationStoreAware { + + private ObligationStore obligationStore; + + public void enforce() { + Set<Obligation> obligationSet = obligationStore.getHandlerObligations(this.getClass()); + if(obligationSet.size() == 2) { + Set<String> obligationIds = new HashSet<String>(); + for(Obligation oblg: obligationSet){ + obligationIds.add(oblg.getId()); + } + Assert.assertTrue(obligationIds.contains("urn:oasis:names:tc:xacml:2.0:obligation:obligation-1")); + Assert.assertTrue(obligationIds.contains("urn:oasis:names:tc:xacml:2.0:obligation:obligation-2")); + }else { + Assert.assertFalse(true); + } + + } + + @Override + public void setObligationStore(ObligationStore obligationStore) { + this.obligationStore = obligationStore; + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AnnotatedFilteringObligationHandler.java ---------------------------------------------------------------------- diff --git a/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AnnotatedFilteringObligationHandler.java b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AnnotatedFilteringObligationHandler.java new file mode 100755 index 0000000..29f49a0 --- /dev/null +++ b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AnnotatedFilteringObligationHandler.java @@ -0,0 +1,36 @@ +package org.openliberty.openaz.pepapi.std.test.obligation; + +import junit.framework.Assert; +import org.openliberty.openaz.pepapi.Obligation; +import org.openliberty.openaz.pepapi.ObligationStore; +import org.openliberty.openaz.pepapi.ObligationStoreAware; +import org.openliberty.openaz.pepapi.Attribute; +import org.openliberty.openaz.pepapi.MatchAllObligationAttributes; + +import java.util.Set; + +@MatchAllObligationAttributes({ + @Attribute(id="jpmc:obligation:obligation-type", anyValue="Filtering"), + @Attribute(id="urn:oasis:names:tc:xacml:1.0:subject:subject-id") +}) +public class AnnotatedFilteringObligationHandler implements ObligationStoreAware { + + private ObligationStore obligationStore; + + public void enforce() { + Set<Obligation> obligationSet = obligationStore.getHandlerObligations(this.getClass()); + if(obligationSet.size() == 1) { + for(Obligation obligation: obligationSet) { + Assert.assertEquals("urn:oasis:names:tc:xacml:2.0:obligation:obligation-1", + obligation.getId()); + } + }else { + Assert.assertFalse(true); + } + } + + @Override + public void setObligationStore(ObligationStore obligationStore) { + this.obligationStore = obligationStore; + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AnnotatedObligationHandler.java ---------------------------------------------------------------------- diff --git a/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AnnotatedObligationHandler.java b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AnnotatedObligationHandler.java new file mode 100755 index 0000000..57d5adf --- /dev/null +++ b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AnnotatedObligationHandler.java @@ -0,0 +1,19 @@ +package org.openliberty.openaz.pepapi.std.test.obligation; + +import org.openliberty.openaz.pepapi.Attribute; +import org.openliberty.openaz.pepapi.MatchAllObligationAttributes; +import org.openliberty.openaz.pepapi.MatchAnyObligation; + +@MatchAnyObligation({"jpmc:obligation:one","jpmc:obligation:two","jpmc:obligation:three"}) +@MatchAllObligationAttributes({ + @Attribute(id="jpmc:obligation:obligation-type", anyValue={"FILTERING","REDACTION"}), + @Attribute(id="jpmc:resource:attribute:resource-type", anyValue={"Card"}), + @Attribute(id="jpmc:obligation:attribute:attribute-1") +}) +public class AnnotatedObligationHandler { + + public void enforce() { + + } + +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AnnotatedRedactionObligationHandler.java ---------------------------------------------------------------------- diff --git a/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AnnotatedRedactionObligationHandler.java b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AnnotatedRedactionObligationHandler.java new file mode 100755 index 0000000..780a69e --- /dev/null +++ b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AnnotatedRedactionObligationHandler.java @@ -0,0 +1,35 @@ +package org.openliberty.openaz.pepapi.std.test.obligation; + +import junit.framework.Assert; +import org.openliberty.openaz.pepapi.Obligation; +import org.openliberty.openaz.pepapi.ObligationStore; +import org.openliberty.openaz.pepapi.ObligationStoreAware; +import org.openliberty.openaz.pepapi.Attribute; +import org.openliberty.openaz.pepapi.MatchAllObligationAttributes; + +import java.util.Set; + +@MatchAllObligationAttributes( + @Attribute(id="urn:oasis:names:tc:xacml:1.0:subject:age") +) +public class AnnotatedRedactionObligationHandler implements ObligationStoreAware { + + private ObligationStore obligationStore; + + public void enforce() { + Set<Obligation> obligationSet = obligationStore.getHandlerObligations(this.getClass()); + if(obligationSet.size() == 1) { + for(Obligation obligation: obligationSet) { + Assert.assertEquals("urn:oasis:names:tc:xacml:2.0:obligation:obligation-2", + obligation.getId()); + } + }else { + Assert.assertFalse(true); + } + } + + @Override + public void setObligationStore(ObligationStore obligationStore) { + this.obligationStore = obligationStore; + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AuditObligationHandler.java ---------------------------------------------------------------------- diff --git a/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AuditObligationHandler.java b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AuditObligationHandler.java new file mode 100755 index 0000000..64c6c41 --- /dev/null +++ b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/AuditObligationHandler.java @@ -0,0 +1,37 @@ +package org.openliberty.openaz.pepapi.std.test.obligation; + +import junit.framework.Assert; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.openliberty.openaz.pepapi.Obligation; +import org.openliberty.openaz.pepapi.ObligationHandler; +import org.openliberty.openaz.pepapi.ObligationStore; + +import java.util.Set; + +public class AuditObligationHandler implements ObligationHandler { + + private static Log log = LogFactory.getLog(AuditObligationHandler.class); + + private ObligationStore obligationStore; + + public void enforce() { + Set<Obligation> auditOblgSet = obligationStore.getHandlerObligations(this.getClass()); + Assert.assertEquals(true, auditOblgSet.size() == 1); + Obligation auditOblg = obligationStore.getHandlerObligationById( + this.getClass(), + "urn:oasis:names:tc:xacml:2.0:obligation:audit"); + Assert.assertNotNull(auditOblg); + log.info(auditOblg.getId()); + } + + @Override + public boolean match(Obligation t) { + return t.getId().equals("urn:oasis:names:tc:xacml:2.0:obligation:audit"); + } + + @Override + public void setObligationStore(ObligationStore obligationStore) { + this.obligationStore = obligationStore; + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/CatchAllObligationHandler.java ---------------------------------------------------------------------- diff --git a/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/CatchAllObligationHandler.java b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/CatchAllObligationHandler.java new file mode 100755 index 0000000..68732f3 --- /dev/null +++ b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/CatchAllObligationHandler.java @@ -0,0 +1,41 @@ +package org.openliberty.openaz.pepapi.std.test.obligation; + +import junit.framework.Assert; +import org.openliberty.openaz.pepapi.Obligation; +import org.openliberty.openaz.pepapi.ObligationHandler; +import org.openliberty.openaz.pepapi.ObligationStore; + +import java.util.HashSet; +import java.util.Set; + + +public class CatchAllObligationHandler implements ObligationHandler { + + private ObligationStore obligationStore; + + public void enforce() { + Set<Obligation> obligationSet = obligationStore.getHandlerObligations(this.getClass()); + if(obligationSet.size() == 2) { + Set<String> obligationIds = new HashSet<String>(); + for(Obligation oblg: obligationSet){ + obligationIds.add(oblg.getId()); + } + Assert.assertTrue(obligationIds.contains("urn:oasis:names:tc:xacml:2.0:obligation:obligation-1")); + Assert.assertTrue(obligationIds.contains("urn:oasis:names:tc:xacml:2.0:obligation:obligation-2")); + }else { + Assert.assertFalse(true); + } + + } + + @Override + public boolean match(Obligation obligation) { + return true; + } + + @Override + public void setObligationStore(ObligationStore obligationStore) { + this.obligationStore = obligationStore; + } + +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/FilteringObligationHandler.java ---------------------------------------------------------------------- diff --git a/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/FilteringObligationHandler.java b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/FilteringObligationHandler.java new file mode 100755 index 0000000..427b1e3 --- /dev/null +++ b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/FilteringObligationHandler.java @@ -0,0 +1,45 @@ +package org.openliberty.openaz.pepapi.std.test.obligation; + +import junit.framework.Assert; +import org.openliberty.openaz.pepapi.Obligation; +import org.openliberty.openaz.pepapi.ObligationHandler; +import org.openliberty.openaz.pepapi.ObligationStore; + +import java.util.Map; +import java.util.Set; + +public class FilteringObligationHandler implements ObligationHandler { + + private ObligationStore obligationStore; + + public void enforce() { + Set<Obligation> obligationSet = obligationStore.getHandlerObligations(this.getClass()); + if(obligationSet.size() == 1) { + for(Obligation obligation: obligationSet) { + Assert.assertEquals("urn:oasis:names:tc:xacml:2.0:obligation:obligation-1", + obligation.getId()); + } + }else { + Assert.assertFalse(true); + } + } + + @Override + public boolean match(Obligation obligation) { + Map<String, Object[]> map = obligation.getAttributeMap(); + if(map.containsKey("jpmc:obligation:obligation-type")) { + Object[] values = map.get("jpmc:obligation:obligation-type"); + if(values != null && values.length != 0) { + for(Object value: values) { + return value.equals("Filtering"); + } + } + } + return false; + } + + @Override + public void setObligationStore(ObligationStore obligationStore) { + this.obligationStore = obligationStore; + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/RedactionObligationHandler.java ---------------------------------------------------------------------- diff --git a/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/RedactionObligationHandler.java b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/RedactionObligationHandler.java new file mode 100755 index 0000000..7a262b0 --- /dev/null +++ b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/obligation/RedactionObligationHandler.java @@ -0,0 +1,37 @@ +package org.openliberty.openaz.pepapi.std.test.obligation; + +import junit.framework.Assert; +import org.openliberty.openaz.pepapi.Obligation; +import org.openliberty.openaz.pepapi.ObligationHandler; +import org.openliberty.openaz.pepapi.ObligationStore; + +import java.util.Map; +import java.util.Set; + +public class RedactionObligationHandler implements ObligationHandler { + + private ObligationStore obligationStore; + + public void enforce() { + Set<Obligation> obligationSet = obligationStore.getHandlerObligations(this.getClass()); + if(obligationSet.size() == 1) { + for(Obligation obligation: obligationSet) { + Assert.assertEquals("urn:oasis:names:tc:xacml:2.0:obligation:obligation-2", + obligation.getId()); + } + }else { + Assert.assertFalse(true); + } + } + + @Override + public boolean match(Obligation obligation) { + Map<String, Object[]> map = obligation.getAttributeMap(); + return map.containsKey("urn:oasis:names:tc:xacml:1.0:subject:age"); + } + + @Override + public void setObligationStore(ObligationStore obligationStore) { + this.obligationStore = obligationStore; + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/util/AzInvoker.java ---------------------------------------------------------------------- diff --git a/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/util/AzInvoker.java b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/util/AzInvoker.java new file mode 100755 index 0000000..e6b524a --- /dev/null +++ b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/util/AzInvoker.java @@ -0,0 +1,53 @@ +package org.openliberty.openaz.pepapi.std.test.util; + +import org.openliberty.openaz.pepapi.PepAgent; +import org.openliberty.openaz.pepapi.PepResponse; + +import java.util.concurrent.Callable; + + +public class AzInvoker implements Callable<String> { + + private final PepAgent pepAgent; + + private final Object subject; + + private final Object action; + + private final Object resource; + + private final long sleepDuration; + + private final HasResult handler; + + public AzInvoker(PepAgent pepAgent, Object subject, Object action, + Object resource, HasResult handler, long sleepDuration) { + this.pepAgent = pepAgent; + this.subject = subject; + this.action = action; + this.resource = resource; + this.handler = handler; + this.sleepDuration = sleepDuration; + } + + private String invoke()throws InterruptedException{ + PepResponse response = pepAgent.decide(subject, action, resource); + if(response != null){ + response.allowed(); + } + Thread.sleep(this.sleepDuration); + return handler.getResult(); + } + + public String call() throws Exception { + return invoke(); + } + + public long getSleepDuration() { + return sleepDuration; + } + + public HasResult getPep() { + return handler; + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/util/HasResult.java ---------------------------------------------------------------------- diff --git a/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/util/HasResult.java b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/util/HasResult.java new file mode 100755 index 0000000..c22258f --- /dev/null +++ b/openaz-pep/src/test/java/org/openliberty/openaz/pepapi/std/test/util/HasResult.java @@ -0,0 +1,7 @@ +package org.openliberty.openaz.pepapi.std.test.util; + +public interface HasResult { + + public String getResult(); + +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/src/test/resources/log4j.xml ---------------------------------------------------------------------- diff --git a/openaz-pep/src/test/resources/log4j.xml b/openaz-pep/src/test/resources/log4j.xml new file mode 100755 index 0000000..ff481f9 --- /dev/null +++ b/openaz-pep/src/test/resources/log4j.xml @@ -0,0 +1,33 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd"> +<log4j:configuration xmlns:log4j='http://jakarta.apache.org/log4j/'> + + <appender name="consoleAppender" class="org.apache.log4j.ConsoleAppender"> + <layout class="org.apache.log4j.PatternLayout"> + <param name="ConversionPattern" value="%d{HH:mm:ss.SSS} [%t] %5p %c{1} - %m%n"/> + </layout> + </appender> + + <appender name="fileAppender" class="org.apache.log4j.RollingFileAppender"> + <param name="append" value="false"/> + <param name="file" value="target/openaz-junit-tests.log"/> + <layout class="org.apache.log4j.PatternLayout"> + <param name="ConversionPattern" value="%d{HH:mm:ss.SSS} [%t] %5p %c{1} - %m%n"/> + </layout> + </appender> + + <logger name="org.openliberty.openaz"> + <level value="debug"/> + </logger> + + <logger name="org.springframework"> + <level value="error"/> + </logger> + + <root> + <level value="debug"/> + <appender-ref ref="consoleAppender"/> + <!-- <appender-ref ref="fileAppender"/> --> + </root> + +</log4j:configuration> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/src/test/resources/policies/TestPolicy001.xml ---------------------------------------------------------------------- diff --git a/openaz-pep/src/test/resources/policies/TestPolicy001.xml b/openaz-pep/src/test/resources/policies/TestPolicy001.xml new file mode 100755 index 0000000..4f2a711 --- /dev/null +++ b/openaz-pep/src/test/resources/policies/TestPolicy001.xml @@ -0,0 +1,55 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; PolicyId="urn:oasis:names:tc:xacml:2.0:test001:policy" + RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd"> + <Description></Description> + <Target/> + <Rule RuleId="urn:oasis:names:tc:xacml:1.0:test001:rule-1" Effect="Permit"> + <Description> + Julius Hibbert can read or write Bart Simpson's medical record. + </Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>Julius Hibbert</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" + AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>http://medico.com/record/patient/BartSimpson</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" + AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" + AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>write</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" + AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + </Rule> +</Policy> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/src/test/resources/policies/TestPolicy002.xml ---------------------------------------------------------------------- diff --git a/openaz-pep/src/test/resources/policies/TestPolicy002.xml b/openaz-pep/src/test/resources/policies/TestPolicy002.xml new file mode 100755 index 0000000..d0308c9 --- /dev/null +++ b/openaz-pep/src/test/resources/policies/TestPolicy002.xml @@ -0,0 +1,125 @@ +<?xml version="1.0" encoding="UTF-8"?> +<Policy + xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + PolicyId="urn:oasis:names:tc:xacml:1.0:conformance-test:IIA2:policy" + RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides"> + <Description> + Policy for Conformance Test IIA001. + </Description> + <Target/> + <Rule + RuleId="urn:oasis:names:tc:xacml:1.0:test-2:rule-1" + Effect="Permit"> + <Description> + Physicians can read or write Bart Simpson's medical record. + </Description> + <Target> + <Subjects> + <Subject> + <SubjectMatch + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>Physician</AttributeValue> + <SubjectAttributeDesignator + AttributeId="urn:oasis:names:tc:xacml:1.0:subject:role-id" + DataType="http://www.w3.org/2001/XMLSchema#string"/> + </SubjectMatch> + </Subject> + </Subjects> + <Resources> + <Resource> + <ResourceMatch + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>http://medico.com/record/patient/BartSimpson</AttributeValue> + <ResourceAttributeDesignator + AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" + DataType="http://www.w3.org/2001/XMLSchema#string"/> + </ResourceMatch> + </Resource> + </Resources> + <Actions> + <Action> + <ActionMatch + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> + <ActionAttributeDesignator + AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" + DataType="http://www.w3.org/2001/XMLSchema#string"/> + </ActionMatch> + </Action> + <Action> + <ActionMatch + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>write</AttributeValue> + <ActionAttributeDesignator + AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" + DataType="http://www.w3.org/2001/XMLSchema#string"/> + </ActionMatch> + </Action> + </Actions> + </Target> + </Rule> + <Rule + RuleId="urn:oasis:names:tc:xacml:1.0:test-2:rule-2" + Effect="Permit"> + <Description> + Patient is allowed to read his/her medical record. + </Description> + <Target> + <Subjects> + <Subject> + <SubjectMatch + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>Patient</AttributeValue> + <SubjectAttributeDesignator + AttributeId="urn:oasis:names:tc:xacml:1.0:subject:role-id" + DataType="http://www.w3.org/2001/XMLSchema#string"/> + </SubjectMatch> + </Subject> + </Subjects> + <Resources> + <Resource> + <ResourceMatch + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>http://medico.com/record/patient/BartSimpson</AttributeValue> + <ResourceAttributeDesignator + AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" + DataType="http://www.w3.org/2001/XMLSchema#string"/> + </ResourceMatch> + </Resource> + </Resources> + <Actions> + <Action> + <ActionMatch + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> + <ActionAttributeDesignator + AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" + DataType="http://www.w3.org/2001/XMLSchema#string"/> + </ActionMatch> + </Action> + </Actions> + </Target> + <Condition> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only"> + <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-owner" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false" /> + </Apply> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only"> + <SubjectAttributeDesignator + AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false" + SubjectCategory="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" /> + </Apply> + </Apply> + </Condition> + </Rule> +</Policy> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/src/test/resources/policies/TestPolicy003.xml ---------------------------------------------------------------------- diff --git a/openaz-pep/src/test/resources/policies/TestPolicy003.xml b/openaz-pep/src/test/resources/policies/TestPolicy003.xml new file mode 100755 index 0000000..f730e34 --- /dev/null +++ b/openaz-pep/src/test/resources/policies/TestPolicy003.xml @@ -0,0 +1,120 @@ +<?xml version="1.0" encoding="UTF-8"?> +<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; PolicyId="urn:oasis:names:tc:xacml:2.0:test003:policy" + RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd"> + <Description></Description> + <Target/> + <Rule RuleId="urn:oasis:names:tc:xacml:2.0:test003:rule1" Effect="Permit"> + <Target> + <AnyOf> + <AllOf> + <Match + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>John Smith</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" + AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + <AnyOf> + <AllOf> + <Match + MatchId="urn:oasis:names:tc:xacml:1.0:function:anyURI-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#anyURI";>file://repository/classified/abc</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" + AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" + DataType="http://www.w3.org/2001/XMLSchema#anyURI"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + <AnyOf> + <AllOf> + <Match + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>view</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" + AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + </Rule> + <Rule RuleId="urn:oasis:names:tc:xacml:2.0:test003:rule2" Effect="Permit"> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>John Smith</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" + AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:anyURI-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#anyURI";>file://repository/classified/xyz</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" + AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" + DataType="http://www.w3.org/2001/XMLSchema#anyURI"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>view</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" + AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + </Rule> + <Rule RuleId="urn:oasis:names:tc:xacml:1.0:conformance-test:IIA3:rule3" Effect="Permit"> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>John Smith</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" + AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:integer-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#integer";>101</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" + AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" + DataType="http://www.w3.org/2001/XMLSchema#integer"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>view</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" + AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + </Rule> +</Policy> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/src/test/resources/policies/TestPolicy004.xml ---------------------------------------------------------------------- diff --git a/openaz-pep/src/test/resources/policies/TestPolicy004.xml b/openaz-pep/src/test/resources/policies/TestPolicy004.xml new file mode 100755 index 0000000..83ec917 --- /dev/null +++ b/openaz-pep/src/test/resources/policies/TestPolicy004.xml @@ -0,0 +1,116 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; PolicyId="urn:oasis:names:tc:xacml:2.0:test004:policy" + RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd"> + <Description></Description> + <Target/> + <Rule + RuleId="urn:oasis:names:tc:xacml:1.0:mapper-test:rule1" + Effect="Permit"> + <Description></Description> + <Target> + <AnyOf> + <AllOf> + <Match + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>ROLE_DOCUMENT_WRITER</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" + AttributeId="urn:oasis:names:tc:xacml:1.0:subject:role-id" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + <AnyOf> + <AllOf> + <Match + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>Document</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" + AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-type" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + <AnyOf> + <AllOf> + <Match + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>write</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" + AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <Condition> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only"> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" + AttributeId="jpmc:document:document-owner" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false" /> + </Apply> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only"> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" + AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false" /> + </Apply> + </Apply> + </Condition> + </Rule> + <Rule + RuleId="urn:oasis:names:tc:xacml:1.0:mapper-test:rule2" + Effect="Permit"> + <Description></Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>ROLE_DOCUMENT_READER</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" + AttributeId="urn:oasis:names:tc:xacml:1.0:subject:role-id" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>Document</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" + AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-type" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" + AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <Condition> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only"> + <AttributeDesignator AttributeId="jpmc:client:country-of-domicile" + Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false" /> + </Apply> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only"> + <AttributeDesignator AttributeId="jpmc:request-context:country" + Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment" + DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false" /> + </Apply> + </Apply> + </Condition> + </Rule> +</Policy> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/src/test/resources/policies/TestPolicy005.xml ---------------------------------------------------------------------- diff --git a/openaz-pep/src/test/resources/policies/TestPolicy005.xml b/openaz-pep/src/test/resources/policies/TestPolicy005.xml new file mode 100755 index 0000000..e8d43b5 --- /dev/null +++ b/openaz-pep/src/test/resources/policies/TestPolicy005.xml @@ -0,0 +1,190 @@ +<?xml version="1.0" encoding="UTF-8"?> +<PolicySet + xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os + access_control-xacml-2.0-policy-schema-os.xsd" + PolicySetId="urn:oasis:names:tc:xacml:2.0:test005:policyset" + PolicyCombiningAlgId="urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:first-applicable"> + <Description> + PolicySet for Test 005. + </Description> + <Target/> + <Policy PolicyId="urn:oasis:names:tc:xacml:2.0:test005:policy1" + RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable"> + <Description> + Policy for Test 005. + </Description> + <Target/> + <Rule RuleId="urn:oasis:names:tc:xacml:2.0:test005:rule1" + Effect="Permit"> + <Target> + <Subjects> + <Subject> + <SubjectMatch + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>Physician</AttributeValue> + <SubjectAttributeDesignator + AttributeId="urn:oasis:names:tc:xacml:1.0:subject:role-id" + DataType="http://www.w3.org/2001/XMLSchema#string"/> + </SubjectMatch> + </Subject> + </Subjects> + <Resources> + <Resource> + <ResourceMatch + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>PatientMedicalRecord</AttributeValue> + <ResourceAttributeDesignator + AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-type" + DataType="http://www.w3.org/2001/XMLSchema#string"/> + </ResourceMatch> + </Resource> + </Resources> + <Actions> + <Action> + <ActionMatch + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> + <ActionAttributeDesignator + AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" + DataType="http://www.w3.org/2001/XMLSchema#string"/> + </ActionMatch> + </Action> + </Actions> + </Target> + </Rule> + <Obligations> + <Obligation + ObligationId="urn:oasis:names:tc:xacml:2.0:obligation:simpletest" + FulfillOn="Permit"> + <AttributeAssignment + AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" + DataType="http://www.w3.org/2001/XMLSchema#string";>EVAL_SUBJECT_ATTRIBUTE</AttributeAssignment> + </Obligation> + </Obligations> + </Policy> + <Policy PolicyId="urn:oasis:names:tc:xacml:2.0:test005:policy2" + RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable"> + <Description> + Policy for Test 005. + </Description> + <Target/> + <Rule RuleId="urn:oasis:names:tc:xacml:2.0:test005:rule2" + Effect="Permit"> + <Target> + <Subjects> + <Subject> + <SubjectMatch + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>Patient</AttributeValue> + <SubjectAttributeDesignator + AttributeId="urn:oasis:names:tc:xacml:1.0:subject:role-id" + DataType="http://www.w3.org/2001/XMLSchema#string"/> + </SubjectMatch> + </Subject> + </Subjects> + <Resources> + <Resource> + <ResourceMatch + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>PatientMedicalRecord</AttributeValue> + <ResourceAttributeDesignator + AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-type" + DataType="http://www.w3.org/2001/XMLSchema#string"/> + </ResourceMatch> + </Resource> + </Resources> + <Actions> + <Action> + <ActionMatch + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> + <ActionAttributeDesignator + AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" + DataType="http://www.w3.org/2001/XMLSchema#string"/> + </ActionMatch> + </Action> + </Actions> + </Target> + </Rule> + <Obligations> + <Obligation + ObligationId="urn:oasis:names:tc:xacml:2.0:obligation:age-restriction" + FulfillOn="Permit"> + <AttributeAssignment + AttributeId="urn:oasis:names:tc:xacml:1.0:subject:age" + DataType="http://www.w3.org/2001/XMLSchema#string";>EVAL_SUBJECT_ATTRIBUTE</AttributeAssignment> + </Obligation> + <Obligation + ObligationId="urn:oasis:names:tc:xacml:2.0:obligation:audit" + FulfillOn="Permit"/> + </Obligations> + </Policy> + <Policy PolicyId="urn:oasis:names:tc:xacml:2.0:test005:policy3" + RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable"> + <Description> + Policy for Test 005. + </Description> + <Target/> + <Rule RuleId="urn:oasis:names:tc:xacml:2.0:test005:rule3" + Effect="Permit"> + <Target> + <Subjects> + <Subject> + <SubjectMatch + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>InsuranceAgent</AttributeValue> + <SubjectAttributeDesignator + AttributeId="urn:oasis:names:tc:xacml:1.0:subject:role-id" + DataType="http://www.w3.org/2001/XMLSchema#string"/> + </SubjectMatch> + </Subject> + </Subjects> + <Resources> + <Resource> + <ResourceMatch + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>PatientMedicalRecord</AttributeValue> + <ResourceAttributeDesignator + AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-type" + DataType="http://www.w3.org/2001/XMLSchema#string"/> + </ResourceMatch> + </Resource> + </Resources> + <Actions> + <Action> + <ActionMatch + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> + <ActionAttributeDesignator + AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" + DataType="http://www.w3.org/2001/XMLSchema#string"/> + </ActionMatch> + </Action> + </Actions> + </Target> + </Rule> + <Obligations> + <Obligation + ObligationId="urn:oasis:names:tc:xacml:2.0:obligation:access-restriction" + FulfillOn="Permit"> + <AttributeAssignment + AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-access-group" + DataType="http://www.w3.org/2001/XMLSchema#string";>EVAL_RESOURCE_ATTRIBUTE</AttributeAssignment> + <AttributeAssignment + AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" + DataType="http://www.w3.org/2001/XMLSchema#string";>EVAL_SUBJECT_ATTRIBUTE</AttributeAssignment> + </Obligation> + </Obligations> + </Policy> +</PolicySet> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/src/test/resources/policies/TestPolicy006.xml ---------------------------------------------------------------------- diff --git a/openaz-pep/src/test/resources/policies/TestPolicy006.xml b/openaz-pep/src/test/resources/policies/TestPolicy006.xml new file mode 100755 index 0000000..d609e58 --- /dev/null +++ b/openaz-pep/src/test/resources/policies/TestPolicy006.xml @@ -0,0 +1,80 @@ +<?xml version="1.0" encoding="UTF-8"?> +<PolicySet + xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os + access_control-xacml-2.0-policy-schema-os.xsd" + PolicySetId="urn:oasis:names:tc:xacml:2.0:test005:policyset" + PolicyCombiningAlgId="urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:first-applicable"> + <Description> + PolicySet for Test 005. + </Description> + <Target/> + <Policy PolicyId="urn:oasis:names:tc:xacml:2.0:test005:policy1" + RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable"> + <Description> + Policy for Test 005. + </Description> + <Target/> + <Rule RuleId="urn:oasis:names:tc:xacml:2.0:test005:rule1" + Effect="Permit"> + <Target> + <Subjects> + <Subject> + <SubjectMatch + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>John Smith</AttributeValue> + <SubjectAttributeDesignator + AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" + DataType="http://www.w3.org/2001/XMLSchema#string"/> + </SubjectMatch> + </Subject> + </Subjects> + <Resources> + <Resource> + <ResourceMatch + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>resource1</AttributeValue> + <ResourceAttributeDesignator + AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" + DataType="http://www.w3.org/2001/XMLSchema#string"/> + </ResourceMatch> + </Resource> + </Resources> + <Actions> + <Action> + <ActionMatch + MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue + DataType="http://www.w3.org/2001/XMLSchema#string";>view</AttributeValue> + <ActionAttributeDesignator + AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" + DataType="http://www.w3.org/2001/XMLSchema#string"/> + </ActionMatch> + </Action> + </Actions> + </Target> + </Rule> + <Obligations> + <Obligation + ObligationId="urn:oasis:names:tc:xacml:2.0:obligation:obligation-1" + FulfillOn="Permit"> + <AttributeAssignment + AttributeId="jpmc:obligation:obligation-type" + DataType="http://www.w3.org/2001/XMLSchema#string";>Filtering</AttributeAssignment> + <AttributeAssignment + AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" + DataType="http://www.w3.org/2001/XMLSchema#string";>EVAL_SUBJECT_ATTRIBUTE</AttributeAssignment> + </Obligation> + <Obligation + ObligationId="urn:oasis:names:tc:xacml:2.0:obligation:obligation-2" + FulfillOn="Permit"> + <AttributeAssignment + AttributeId="urn:oasis:names:tc:xacml:1.0:subject:age" + DataType="http://www.w3.org/2001/XMLSchema#string";>EVAL_SUBJECT_ATTRIBUTE</AttributeAssignment> + </Obligation> + </Obligations> + </Policy> +</PolicySet> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/src/test/resources/properties/testapi.xacml.properties ---------------------------------------------------------------------- diff --git a/openaz-pep/src/test/resources/properties/testapi.xacml.properties b/openaz-pep/src/test/resources/properties/testapi.xacml.properties new file mode 100755 index 0000000..b45d2c1 --- /dev/null +++ b/openaz-pep/src/test/resources/properties/testapi.xacml.properties @@ -0,0 +1,20 @@ +# Default XACML Properties File +# Standard API Factories +# +xacml.dataTypeFactory=com.att.research.xacml.std.StdDataTypeFactory +xacml.pdpEngineFactory=com.att.research.xacmlatt.pdp.ATTPDPEngineFactory +xacml.pepEngineFactory=com.att.research.xacml.std.pep.StdEngineFactory +xacml.pipFinderFactory=com.att.research.xacml.std.pip.StdPIPFinderFactory + +# AT&T PDP Implementation Factories +# +xacml.att.evaluationContextFactory=com.att.research.xacmlatt.pdp.std.StdEvaluationContextFactory +xacml.att.combiningAlgorithmFactory=com.att.research.xacmlatt.pdp.std.StdCombiningAlgorithmFactory +xacml.att.functionDefinitionFactory=com.att.research.xacmlatt.pdp.std.StdFunctionDefinitionFactory +xacml.att.policyFinderFactory=com.att.research.xacmlatt.pdp.std.StdPolicyFinderFactory + +xacml.rootPolicies=testPolicy +testPolicy.file=src/test/resources/policies/TestPolicy001.xml + +# If there is a standard policy for the engine: +# xacml.att.stdPolicyFinderFactory.rootPolicyFile=/etc/stdpolicyset.xml http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/src/test/resources/properties/testdatatypes.xacml.properties ---------------------------------------------------------------------- diff --git a/openaz-pep/src/test/resources/properties/testdatatypes.xacml.properties b/openaz-pep/src/test/resources/properties/testdatatypes.xacml.properties new file mode 100755 index 0000000..cb6d77b --- /dev/null +++ b/openaz-pep/src/test/resources/properties/testdatatypes.xacml.properties @@ -0,0 +1,20 @@ +# Default XACML Properties File +# Standard API Factories +# +xacml.dataTypeFactory=com.att.research.xacml.std.StdDataTypeFactory +xacml.pdpEngineFactory=com.att.research.xacmlatt.pdp.ATTPDPEngineFactory +xacml.pepEngineFactory=com.att.research.xacml.std.pep.StdEngineFactory +xacml.pipFinderFactory=com.att.research.xacml.std.pip.StdPIPFinderFactory + +# AT&T PDP Implementation Factories +# +xacml.att.evaluationContextFactory=com.att.research.xacmlatt.pdp.std.StdEvaluationContextFactory +xacml.att.combiningAlgorithmFactory=com.att.research.xacmlatt.pdp.std.StdCombiningAlgorithmFactory +xacml.att.functionDefinitionFactory=com.att.research.xacmlatt.pdp.std.StdFunctionDefinitionFactory +xacml.att.policyFinderFactory=com.att.research.xacmlatt.pdp.std.StdPolicyFinderFactory + +xacml.rootPolicies=testPolicy +testPolicy.file=src/test/resources/policies/TestPolicy003.xml + +# If there is a standard policy for the engine: +# xacml.att.stdPolicyFinderFactory.rootPolicyFile=/etc/stdpolicyset.xml http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/src/test/resources/properties/testmapper.xacml.properties ---------------------------------------------------------------------- diff --git a/openaz-pep/src/test/resources/properties/testmapper.xacml.properties b/openaz-pep/src/test/resources/properties/testmapper.xacml.properties new file mode 100755 index 0000000..12e1754 --- /dev/null +++ b/openaz-pep/src/test/resources/properties/testmapper.xacml.properties @@ -0,0 +1,24 @@ +# Default XACML Properties File +# Standard API Factories +# +xacml.dataTypeFactory=com.att.research.xacml.std.StdDataTypeFactory +xacml.pdpEngineFactory=com.att.research.xacmlatt.pdp.ATTPDPEngineFactory +xacml.pepEngineFactory=com.att.research.xacml.std.pep.StdEngineFactory +xacml.pipFinderFactory=com.att.research.xacml.std.pip.StdPIPFinderFactory + +# AT&T PDP Implementation Factories +# +xacml.att.evaluationContextFactory=com.att.research.xacmlatt.pdp.std.StdEvaluationContextFactory +xacml.att.combiningAlgorithmFactory=com.att.research.xacmlatt.pdp.std.StdCombiningAlgorithmFactory +xacml.att.functionDefinitionFactory=com.att.research.xacmlatt.pdp.std.StdFunctionDefinitionFactory +xacml.att.policyFinderFactory=com.att.research.xacmlatt.pdp.std.StdPolicyFinderFactory + +xacml.rootPolicies=testPolicy +testPolicy.file=src/test/resources/policies/TestPolicy004.xml + +#pep properties +pep.issuer=test +pep.mapper.classes=org.openliberty.openaz.pepapi.std.test.mapper.BusinessRequestContextMapper,\ + org.openliberty.openaz.pepapi.std.test.mapper.DocumentMapper, \ + org.openliberty.openaz.pepapi.std.test.mapper.ClientMapper, \ + org.openliberty.openaz.pepapi.std.test.mapper.MedicalRecordMapper http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Action.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Action.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Action.class new file mode 100644 index 0000000..2337848 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Action.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ActionResourcePair.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ActionResourcePair.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ActionResourcePair.class new file mode 100644 index 0000000..4ed0074 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ActionResourcePair.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Advice.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Advice.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Advice.class new file mode 100644 index 0000000..5663013 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Advice.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Attribute.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Attribute.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Attribute.class new file mode 100644 index 0000000..3ca8211 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Attribute.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/CategoryContainer.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/CategoryContainer.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/CategoryContainer.class new file mode 100644 index 0000000..55f44fa Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/CategoryContainer.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Environment.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Environment.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Environment.class new file mode 100644 index 0000000..2c2d853 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Environment.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/InvalidAnnotationException.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/InvalidAnnotationException.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/InvalidAnnotationException.class new file mode 100644 index 0000000..3c8156c Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/InvalidAnnotationException.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/MapperRegistry.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/MapperRegistry.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/MapperRegistry.class new file mode 100644 index 0000000..c90e3dc Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/MapperRegistry.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/MatchAllObligationAttributes.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/MatchAllObligationAttributes.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/MatchAllObligationAttributes.class new file mode 100644 index 0000000..559631e Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/MatchAllObligationAttributes.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/MatchAnyObligation.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/MatchAnyObligation.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/MatchAnyObligation.class new file mode 100644 index 0000000..b177a57 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/MatchAnyObligation.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Matchable.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Matchable.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Matchable.class new file mode 100644 index 0000000..e68def5 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Matchable.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObjectMapper.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObjectMapper.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObjectMapper.class new file mode 100644 index 0000000..f734523 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObjectMapper.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Obligation.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Obligation.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Obligation.class new file mode 100644 index 0000000..58100f3 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Obligation.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObligationHandler.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObligationHandler.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObligationHandler.class new file mode 100644 index 0000000..380ef97 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObligationHandler.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObligationHandlerRegistry.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObligationHandlerRegistry.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObligationHandlerRegistry.class new file mode 100644 index 0000000..c00f13b Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObligationHandlerRegistry.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObligationRouter.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObligationRouter.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObligationRouter.class new file mode 100644 index 0000000..7f340b4 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObligationRouter.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObligationStore.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObligationStore.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObligationStore.class new file mode 100644 index 0000000..2d7c325 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObligationStore.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObligationStoreAware.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObligationStoreAware.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObligationStoreAware.class new file mode 100644 index 0000000..d028684 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/ObligationStoreAware.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepAgent.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepAgent.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepAgent.class new file mode 100644 index 0000000..867d637 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepAgent.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepAgentFactory.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepAgentFactory.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepAgentFactory.class new file mode 100644 index 0000000..ad8c396 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepAgentFactory.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepConfig.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepConfig.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepConfig.class new file mode 100644 index 0000000..b99e517 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepConfig.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepException.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepException.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepException.class new file mode 100644 index 0000000..bbf8f9f Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepException.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepRequest.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepRequest.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepRequest.class new file mode 100644 index 0000000..17b60d9 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepRequest.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepRequestAttributes.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepRequestAttributes.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepRequestAttributes.class new file mode 100644 index 0000000..a883e56 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepRequestAttributes.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepRequestFactory.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepRequestFactory.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepRequestFactory.class new file mode 100644 index 0000000..528ae1c Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepRequestFactory.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepResponse.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepResponse.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepResponse.class new file mode 100644 index 0000000..5ca7518 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepResponse.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepResponseBehavior.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepResponseBehavior.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepResponseBehavior.class new file mode 100644 index 0000000..ffae897 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepResponseBehavior.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepResponseFactory.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepResponseFactory.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepResponseFactory.class new file mode 100644 index 0000000..4e8444f Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepResponseFactory.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepResponseType.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepResponseType.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepResponseType.class new file mode 100644 index 0000000..f29a013 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PepResponseType.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PostDecisionHandler.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PostDecisionHandler.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PostDecisionHandler.class new file mode 100644 index 0000000..42a8847 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PostDecisionHandler.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PreDecisionHandler.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PreDecisionHandler.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PreDecisionHandler.class new file mode 100644 index 0000000..f063d54 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/PreDecisionHandler.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Resource.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Resource.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Resource.class new file mode 100644 index 0000000..ed02ad2 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Resource.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Subject.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Subject.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Subject.class new file mode 100644 index 0000000..4bc1534 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/Subject.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/UnhandleableObligationException.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/UnhandleableObligationException.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/UnhandleableObligationException.class new file mode 100644 index 0000000..28d8c6f Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/UnhandleableObligationException.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/ActionMapper.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/ActionMapper.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/ActionMapper.class new file mode 100644 index 0000000..289d996 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/ActionMapper.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/ActionResourcePairMapper.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/ActionResourcePairMapper.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/ActionResourcePairMapper.class new file mode 100644 index 0000000..137c003 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/ActionResourcePairMapper.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/ArrayMapper.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/ArrayMapper.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/ArrayMapper.class new file mode 100644 index 0000000..e1d5084 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/ArrayMapper.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/CategoryContainerMapper.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/CategoryContainerMapper.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/CategoryContainerMapper.class new file mode 100644 index 0000000..bdc1594 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/CategoryContainerMapper.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/CollectionMapper.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/CollectionMapper.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/CollectionMapper.class new file mode 100644 index 0000000..886b01e Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/CollectionMapper.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/MatchAnyCriterion.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/MatchAnyCriterion.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/MatchAnyCriterion.class new file mode 100644 index 0000000..0d05e93 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/MatchAnyCriterion.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/MultiRequest.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/MultiRequest.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/MultiRequest.class new file mode 100644 index 0000000..c78308b Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/MultiRequest.class differ http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/ObligationAttributeCriterion.class ---------------------------------------------------------------------- diff --git a/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/ObligationAttributeCriterion.class b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/ObligationAttributeCriterion.class new file mode 100644 index 0000000..46edec4 Binary files /dev/null and b/openaz-pep/target/classes/org/openliberty/openaz/pepapi/std/ObligationAttributeCriterion.class differ
