aboutsummaryrefslogtreecommitdiffstats
path: root/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PDPServices.java
diff options
context:
space:
mode:
Diffstat (limited to 'ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PDPServices.java')
-rw-r--r--ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PDPServices.java457
1 files changed, 329 insertions, 128 deletions
diff --git a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PDPServices.java b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PDPServices.java
index 6dae064a7..e61bbd3aa 100644
--- a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PDPServices.java
+++ b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PDPServices.java
@@ -2,7 +2,7 @@
* ============LICENSE_START=======================================================
* ONAP-PDP-REST
* ================================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
* Modified Copyright (C) 2018 Samsung Electronics Co., Ltd.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,21 +18,38 @@
* limitations under the License.
* ============LICENSE_END=========================================================
*/
+
package org.onap.policy.pdp.rest.api.services;
+import com.att.research.xacml.api.Advice;
+import com.att.research.xacml.api.AttributeAssignment;
+import com.att.research.xacml.api.Decision;
+import com.att.research.xacml.api.Obligation;
+import com.att.research.xacml.api.Request;
+import com.att.research.xacml.api.Response;
+import com.att.research.xacml.api.Result;
+import com.att.research.xacml.api.pdp.PDPEngine;
+import com.att.research.xacml.api.pdp.PDPException;
+import com.att.research.xacml.std.dom.DOMRequest;
+import com.att.research.xacml.std.dom.DOMResponse;
+import com.att.research.xacml.std.json.JSONRequest;
+import com.att.research.xacml.std.json.JSONResponse;
+import com.att.research.xacml.util.XACMLProperties;
+import com.google.common.base.Strings;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.StringWriter;
+import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
+import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.UUID;
-
import javax.json.Json;
import javax.json.JsonReader;
import javax.xml.XMLConstants;
@@ -43,7 +60,6 @@ import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
-
import org.apache.commons.io.IOUtils;
import org.onap.policy.api.PolicyConfigStatus;
import org.onap.policy.api.PolicyDecision;
@@ -59,42 +75,56 @@ import org.onap.policy.std.Matches;
import org.onap.policy.xacml.api.XACMLErrorConstants;
import org.w3c.dom.Document;
-import com.att.research.xacml.api.Advice;
-import com.att.research.xacml.api.AttributeAssignment;
-import com.att.research.xacml.api.Decision;
-import com.att.research.xacml.api.Obligation;
-import com.att.research.xacml.api.Request;
-import com.att.research.xacml.api.Response;
-import com.att.research.xacml.api.Result;
-import com.att.research.xacml.api.pdp.PDPEngine;
-import com.att.research.xacml.api.pdp.PDPException;
-import com.att.research.xacml.std.json.JSONRequest;
-import com.att.research.xacml.std.json.JSONResponse;
-import com.att.research.xacml.util.XACMLProperties;
public class PDPServices {
private static final Logger LOGGER = FlexLogger.getLogger(PDPServices.class.getName());
- // Change the default Priority value here.
+ // Change the default Priority value here.
private static final int DEFAULT_PRIORITY = 9999;
private boolean unique = false;
private Boolean decide = false;
- private Request rainydayRequest = null;
-
- public Collection<PDPResponse> generateRequest(String jsonString, UUID requestID, boolean unique, boolean decide) throws PolicyException{
+ private String requestType = null;
+ private String requestFormat = DECISION_RAW_XACML_JSON_TYPE;
+ private List<String> policyList = null;
+ public static final String RAINYDAY_TYPE = "BB_ID";
+ public static final String DECISION_MS_NAMING_TYPE = "main-resource-keys";
+ public static final String DECISION_RAW_XACML = "raw-xacml-request";
+ public static final String DECISION_RAW_XACML_TYPE = "raw-xacml-type";
+ public static final String DECISION_RAW_XACML_XML_TYPE = "XML";
+ public static final String DECISION_RAW_XACML_JSON_TYPE = "JSON";
+
+ /**
+ * Generate request.
+ *
+ * @param reqStr the json string
+ * @param requestId the request id
+ * @param unique the unique
+ * @param decide the decide
+ * @return the collection
+ * @throws PolicyException the policy exception
+ */
+ public Collection<PDPResponse> generateRequest(String reqStr, UUID requestId, boolean unique, boolean decide)
+ throws PolicyException {
this.unique = unique;
this.decide = decide;
Collection<PDPResponse> results = null;
Response response = null;
// Create Request. We need XACML API here.
try {
- Request request = JSONRequest.load(jsonString);
- // Assign a rainy day treatment request to parse the decided treatment
- if (jsonString.contains("BB_ID")) {
- rainydayRequest = request;
+ Request request = null;
+ if (DECISION_RAW_XACML_JSON_TYPE.equals(requestFormat)) {
+ request = JSONRequest.load(reqStr);
+ LOGGER.info("--- Generating Request: ---" + requestId + "\n" + JSONRequest.toString(request));
+ } else {
+ request = DOMRequest.load(reqStr);
+ LOGGER.info("--- Generating Request: ---" + requestId + "\n" + reqStr);
}
+
// Call the PDP
- LOGGER.info("--- Generating Request: ---\n" + JSONRequest.toString(request));
- response = callPDP(request, requestID);
+ response = callPdp(request, requestId);
+ if (response == null) {
+ response = callPdp(request, requestId);
+ }
+
} catch (Exception e) {
LOGGER.error(XACMLErrorConstants.ERROR_SCHEMA_INVALID + e);
PDPResponse pdpResponse = new PDPResponse();
@@ -105,8 +135,14 @@ public class PDPServices {
results.add(pdpResponse);
throw new PolicyException(e);
}
+
if (response != null) {
results = checkResponse(response);
+ if (policyList != null) {
+ for (String policy : policyList) {
+ XACMLPdpServlet.monitor.policyCountAdd(policy, 1);
+ }
+ }
} else {
LOGGER.info("No Response Received from PDP");
PDPResponse pdpResponse = new PDPResponse();
@@ -119,59 +155,39 @@ public class PDPServices {
return results;
}
- private Collection<PDPResponse> checkResponse(Response response) throws PolicyException{
+ private Collection<PDPResponse> checkResponse(Response response) throws PolicyException {
String pdpConfigLocation = null;
Collection<PDPResponse> combinedResult = new HashSet<>();
int priority = DEFAULT_PRIORITY;
Map<Integer, PDPResponse> uniqueResult = new HashMap<>();
for (Result result : response.getResults()) {
- if (!result.getDecision().equals(Decision.PERMIT)) {
- LOGGER.info("Decision not a Permit. " + result.getDecision().toString());
- PDPResponse pdpResponse = new PDPResponse();
- if (decide) {
- String indeterminatePropValue = XACMLProperties.getProperty("decision.indeterminate.response");
- if(result.getDecision().equals(Decision.INDETERMINATE)&& indeterminatePropValue != null){
- if("PERMIT".equalsIgnoreCase(indeterminatePropValue)){
- pdpResponse.setDecision(PolicyDecision.PERMIT);
- }else{
- pdpResponse.setDecision(PolicyDecision.DENY);
- }
- }else{
- pdpResponse.setDecision(PolicyDecision.DENY);
- }
- for(Advice advice: result.getAssociatedAdvice()){
- for(AttributeAssignment attribute: advice.getAttributeAssignments()){
- pdpResponse.setDetails(attribute.getAttributeValue().getValue().toString());
- break;
- }
- }
+ // Process the decision policies. We only return one back for
+ // decision
+ if (decide) {
+ PDPResponse pdpResponse = processDecisionResult(result);
+ if (pdpResponse != null) {
combinedResult.add(pdpResponse);
- return combinedResult;
+ } else {
+ LOGGER.info("processDecisionResult returned null");
}
- pdpResponse.setStatus(XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Params passed: Decision not a Permit.",PolicyResponseStatus.NO_ACTION_REQUIRED,PolicyConfigStatus.CONFIG_NOT_FOUND);
+ return combinedResult;
+ }
+ if (!result.getDecision().equals(Decision.PERMIT)) {
+ LOGGER.info("Decision not a Permit. " + result.getDecision().toString());
+ PDPResponse pdpResponse = new PDPResponse();
+ pdpResponse.setStatus(
+ XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Params passed: Decision not a Permit.",
+ PolicyResponseStatus.NO_ACTION_REQUIRED, PolicyConfigStatus.CONFIG_NOT_FOUND);
combinedResult.add(pdpResponse);
return combinedResult;
} else {
- if (decide) {
- // check for Decision for decision based calls.
- PDPResponse pdpResponse = new PDPResponse();
- pdpResponse.setDecision(PolicyDecision.PERMIT);
-
- //if this is a Rainy Day treatment decision we need to get the selected treatment
- if(rainydayRequest!=null){
- pdpResponse.setDetails(getRainyDayTreatment(result));
- } else {
- pdpResponse.setDetails("Decision Permit. OK!");
- }
- combinedResult.add(pdpResponse);
- return combinedResult;
- }
if (!result.getAssociatedAdvice().isEmpty()) {
- // Configurations should be in advice.
+ // Configurations should be in advice.
// Also PDP took actions could be here.
for (Advice advice : result.getAssociatedAdvice()) {
- int config = 0, uri = 0;
- String configURL = null;
+ int config = 0;
+ int uri = 0;
+ String configUrl = null;
String policyName = null;
String policyVersion = null;
Matches match = new Matches();
@@ -182,48 +198,60 @@ public class PDPServices {
PDPResponse pdpResponse = new PDPResponse();
Map<String, String> adviseAttributes = new HashMap<>();
for (AttributeAssignment attribute : advice.getAttributeAssignments()) {
- adviseAttributes.put(attribute.getAttributeId().stringValue(), attribute.getAttributeValue().getValue().toString());
+ adviseAttributes.put(attribute.getAttributeId().stringValue(),
+ attribute.getAttributeValue().getValue().toString());
if ("CONFIGURATION".equalsIgnoreCase(attribute.getAttributeValue().getValue().toString())) {
config++;
} else if (attribute.getDataTypeId().stringValue().endsWith("anyURI")) {
uri++;
if (uri == 1) {
- configURL = attribute.getAttributeValue().getValue().toString();
- pdpConfigLocation = configURL.replace("$URL", XACMLProperties.getProperty(XACMLRestProperties.PROP_PDP_WEBAPPS));
+ configUrl = attribute.getAttributeValue().getValue().toString();
+ pdpConfigLocation = configUrl.replace("$URL",
+ XACMLProperties.getProperty(XACMLRestProperties.PROP_PDP_WEBAPPS));
} else {
if (!("PDP".equalsIgnoreCase(attribute.getIssuer()))) {
- throw new PolicyException(XACMLErrorConstants.ERROR_DATA_ISSUE + "Error having multiple URI in the Policy");
+ throw new PolicyException(XACMLErrorConstants.ERROR_DATA_ISSUE
+ + "Error having multiple URI in the Policy");
}
}
} else if ("PolicyName".equalsIgnoreCase(attribute.getAttributeId().stringValue())) {
policyName = attribute.getAttributeValue().getValue().toString();
+ policyList.add(policyName);
} else if ("VersionNumber".equalsIgnoreCase(attribute.getAttributeId().stringValue())) {
policyVersion = attribute.getAttributeValue().getValue().toString();
- } else if ("Priority".equalsIgnoreCase(attribute.getAttributeId().stringValue())){
- try{
+ } else if ("Priority".equalsIgnoreCase(attribute.getAttributeId().stringValue())) {
+ try {
priority = Integer.parseInt(attribute.getAttributeValue().getValue().toString());
- } catch(Exception e){
- LOGGER.error(XACMLErrorConstants.ERROR_DATA_ISSUE+ "Unable to Parse Integer for Priority. Setting to default value",e);
+ } catch (Exception e) {
+ LOGGER.error(
+ XACMLErrorConstants.ERROR_DATA_ISSUE
+ + "Unable to Parse Integer for Priority. Setting to default value",
+ e);
priority = DEFAULT_PRIORITY;
}
} else if (attribute.getAttributeId().stringValue().startsWith("matching")) {
- matchingConditions.put(attribute.getAttributeId().stringValue()
- .replaceFirst("(matching).", ""),attribute.getAttributeValue().getValue().toString());
- if ("ONAPName".equals(attribute.getAttributeId().stringValue()
- .replaceFirst("(matching).", ""))) {
+ matchingConditions.put(
+ attribute.getAttributeId().stringValue().replaceFirst("(matching).", ""),
+ attribute.getAttributeValue().getValue().toString());
+ if ("ONAPName".equals(
+ attribute.getAttributeId().stringValue().replaceFirst("(matching).", ""))) {
match.setOnapName(attribute.getAttributeValue().getValue().toString());
- } else if ("ConfigName".equals(attribute.getAttributeId().stringValue()
- .replaceFirst("(matching).", ""))) {
+ matchingConditions.put("ECOMPName",
+ attribute.getAttributeValue().getValue().toString());
+ } else if ("ConfigName".equals(
+ attribute.getAttributeId().stringValue().replaceFirst("(matching).", ""))) {
match.setConfigName(attribute.getAttributeValue().getValue().toString());
} else {
- configAttributes.put(attribute.getAttributeId().stringValue()
- .replaceFirst("(matching).", ""),attribute.getAttributeValue().getValue().toString());
+ configAttributes.put(
+ attribute.getAttributeId().stringValue().replaceFirst("(matching).", ""),
+ attribute.getAttributeValue().getValue().toString());
}
} else if (attribute.getAttributeId().stringValue().startsWith("key:")) {
- responseAttributes.put(attribute.getAttributeId().stringValue().replaceFirst("(key).", ""),
+ responseAttributes.put(
+ attribute.getAttributeId().stringValue().replaceFirst("(key).", ""),
attribute.getAttributeValue().getValue().toString());
} else if (attribute.getAttributeId().stringValue().startsWith("controller:")) {
- responseAttributes.put("$"+ attribute.getAttributeId().stringValue(),
+ responseAttributes.put("$" + attribute.getAttributeId().stringValue(),
attribute.getAttributeValue().getValue().toString());
} else if (attribute.getAttributeId().stringValue().startsWith("dependencies:")) {
responseAttributes.put("$dependency$",
@@ -236,41 +264,42 @@ public class PDPServices {
if ((config == 1) && (uri == 1)) {
// If there is a configuration.
try {
- LOGGER.debug("Configuration Call to : " + configURL);
+ LOGGER.debug("Configuration Call to : " + configUrl);
pdpResponse = configCall(pdpConfigLocation);
} catch (Exception e) {
- LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW+ e);
- pdpResponse.setStatus("Error in Calling the Configuration URL "+ e,
- PolicyResponseStatus.NO_ACTION_REQUIRED,
- PolicyConfigStatus.CONFIG_NOT_FOUND);
+ LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + e);
+ pdpResponse.setStatus("Error in Calling the Configuration URL " + e,
+ PolicyResponseStatus.NO_ACTION_REQUIRED, PolicyConfigStatus.CONFIG_NOT_FOUND);
}
pdpResponse.setPolicyName(policyName);
pdpResponse.setPolicyVersion(policyVersion);
pdpResponse.setMatchingConditions(matchingConditions);
pdpResponse.setResponseAttributes(responseAttributes);
- if(!unique){
+ if (!unique) {
combinedResult.add(pdpResponse);
- }else{
- if(!uniqueResult.isEmpty()){
- if(uniqueResult.containsKey(priority)){
- // Not any more unique, check the matching conditions size
+ } else {
+ if (!uniqueResult.isEmpty()) {
+ if (uniqueResult.containsKey(priority)) {
+ // Not any more unique, check the
+ // matching conditions size
int oldSize = uniqueResult.get(priority).getMatchingConditions().size();
int newSize = matchingConditions.size();
- if(oldSize < newSize){
+ if (oldSize < newSize) {
uniqueResult.put(priority, pdpResponse);
- }else if(oldSize == newSize){
+ } else if (oldSize == newSize) {
pdpResponse = new PDPResponse();
- pdpResponse.setStatus("Two/more Policies have Same Priority and matching conditions, Please correct your policies.",
+ pdpResponse.setStatus(
+ "Two/more Policies have Same Priority and matching conditions, Please correct your policies.",
PolicyResponseStatus.NO_ACTION_REQUIRED,
PolicyConfigStatus.CONFIG_NOT_FOUND);
combinedResult.add(pdpResponse);
unique = false;
return combinedResult;
}
- }else{
+ } else {
uniqueResult.put(priority, pdpResponse);
}
- }else{
+ } else {
uniqueResult.put(priority, pdpResponse);
}
}
@@ -303,11 +332,11 @@ public class PDPServices {
}
}
}
- if(unique){
- // Select Unique policy.
+ if (unique) {
+ // Select Unique policy.
int minNum = DEFAULT_PRIORITY;
- for(int num: uniqueResult.keySet()){
- if(num < minNum){
+ for (int num : uniqueResult.keySet()) {
+ if (num < minNum) {
minNum = num;
}
}
@@ -315,19 +344,122 @@ public class PDPServices {
// Turn off Unique
unique = false;
}
-
+
return combinedResult;
}
-
+
+ /**
+ * Process Decision Result.
+ *
+ * @param result input from Response.
+ * @return pdpResposne based on result.
+ */
+ private PDPResponse processDecisionResult(Result result) {
+ PDPResponse pdpResponse = new PDPResponse();
+ pdpResponse.setDecision(PolicyDecision.DENY);
+
+ if (!result.getDecision().equals(Decision.PERMIT)) {
+ LOGGER.info("processDecisionResult: Decision not a Permit. " + result.getDecision().toString());
+ String indeterminatePropValue = XACMLProperties.getProperty("decision.indeterminate.response");
+ if (result.getDecision().equals(Decision.INDETERMINATE) && indeterminatePropValue != null) {
+ if ("PERMIT".equalsIgnoreCase(indeterminatePropValue)) {
+ pdpResponse.setDecision(PolicyDecision.PERMIT);
+ } else {
+ pdpResponse.setDecision(PolicyDecision.DENY);
+ }
+ } else {
+ pdpResponse.setDecision(PolicyDecision.DENY);
+ }
+ for (Advice advice : result.getAssociatedAdvice()) {
+ for (AttributeAssignment attribute : advice.getAttributeAssignments()) {
+ pdpResponse.setDetails(attribute.getAttributeValue().getValue().toString());
+ break;
+ }
+ }
+ pdpResponse.setStatus(
+ XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Params passed: Decision not a Permit.",
+ PolicyResponseStatus.NO_ACTION_REQUIRED, PolicyConfigStatus.CONFIG_NOT_FOUND);
+ } else {
+ checkDecision(pdpResponse, result);
+ }
+ return pdpResponse;
+ }
+
+
+ /**
+ * Check for Decision for decision based calls.
+ *
+ * @param pdpResponseInput pdpResponse.
+ * @param result result.
+ * @return pdpResponse.
+ */
+ private PDPResponse checkDecision(PDPResponse pdpResponseInput, Result result) {
+ PDPResponse pdpResponse = pdpResponseInput;
+ // check for Decision for decision based calls.
+ pdpResponse.setDecision(PolicyDecision.PERMIT);
+
+ // if this is a Rainy Day treatment decision we need to get
+ // the selected treatment
+ if (!Strings.isNullOrEmpty(requestType) && RAINYDAY_TYPE.equals(requestType)) {
+ pdpResponse.setDetails(getRainyDayTreatment(result));
+ } else if (!Strings.isNullOrEmpty(requestType) && DECISION_MS_NAMING_TYPE.equals(requestType)) {
+ boolean configRetrieved = false;
+ for (Advice advice : result.getAssociatedAdvice()) {
+ configRetrieved = checkConfig(advice, configRetrieved, pdpResponse);
+ }
+ if (!configRetrieved) {
+ LOGGER.error(" Failed to retrieve Config data for " + DECISION_MS_NAMING_TYPE);
+ pdpResponse.setDetails("Error in retrieving Config Data");
+ }
+
+ } else {
+ pdpResponse.setDetails("Decision Permit. OK!");
+ }
+ return pdpResponse;
+ }
+
+ /**
+ * Check if there is a configuration.
+ *
+ * @param advice advice.
+ * @param configRetrieved boolean.
+ * @param pdpResponse pdpResposneInput.
+ * @return pdpResponse.
+ */
+ private boolean checkConfig(Advice advice, boolean configRetrieved, PDPResponse pdpResponse) {
+ for (AttributeAssignment attribute : advice.getAttributeAssignments()) {
+ if (attribute.getDataTypeId().stringValue().endsWith("anyURI")) {
+ String configUrl = attribute.getAttributeValue().getValue().toString();
+ String pdpConfigLocation =
+ configUrl.replace("$URL", XACMLProperties.getProperty(XACMLRestProperties.PROP_PDP_WEBAPPS));
+ // If there is a configuration.
+ try {
+ LOGGER.debug("processDecisionResult: Configuration Call to : " + configUrl);
+ pdpResponse = configCall(pdpConfigLocation);
+ pdpResponse.setDecision(PolicyDecision.PERMIT);
+ pdpResponse.setDetails(pdpResponse.getConfig());
+ configRetrieved = true;
+ break;
+ } catch (Exception e) {
+ LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + e);
+ LOGGER.error(" Failed to retrieve Config data for " + configUrl);
+ pdpResponse.setDetails("Error in retrieving Config Data from the Configuration URL " + configUrl);
+ }
+ }
+ }
+ return configRetrieved;
+ }
+
private String getRainyDayTreatment(Result result) {
String treatment = null;
- if (rainydayRequest!=null&& !result.getAssociatedAdvice().isEmpty()) {
+ if (result != null && !result.getAssociatedAdvice().isEmpty()) {
// Get the desired treatment for requested errorCode from the Advice
for (Advice advice : result.getAssociatedAdvice()) {
Map<String, String> adviseAttributes = new HashMap<>();
for (AttributeAssignment attribute : advice.getAttributeAssignments()) {
- adviseAttributes.put(attribute.getAttributeId().stringValue(), attribute.getAttributeValue().getValue().toString());
- if ("treatment".equalsIgnoreCase(attribute.getAttributeId().stringValue())){
+ adviseAttributes.put(attribute.getAttributeId().stringValue(),
+ attribute.getAttributeValue().getValue().toString());
+ if ("treatment".equalsIgnoreCase(attribute.getAttributeId().stringValue())) {
treatment = attribute.getAttributeValue().getValue().toString();
}
}
@@ -336,16 +468,15 @@ public class PDPServices {
return treatment;
}
- private PDPResponse configCall(String pdpConfigLocation) throws PDPException, IOException{
+ private PDPResponse configCall(String pdpConfigLocation) throws PDPException, IOException {
PDPResponse pdpResponse = new PDPResponse();
- if(pdpConfigLocation.contains("/")){
+ if (pdpConfigLocation.contains("/")) {
pdpConfigLocation = pdpConfigLocation.replace("/", File.separator);
}
-
- try(InputStream inputStream = new FileInputStream(new File(pdpConfigLocation))) {
+ try (InputStream inputStream = new FileInputStream(new File(pdpConfigLocation))) {
if (pdpConfigLocation.endsWith("json")) {
pdpResponse.setType(PolicyType.JSON);
- try(JsonReader jsonReader = Json.createReader(inputStream);) {
+ try (JsonReader jsonReader = Json.createReader(inputStream)) {
pdpResponse.setConfig(jsonReader.readObject().toString());
}
} else if (pdpConfigLocation.endsWith("xml")) {
@@ -366,15 +497,16 @@ public class PDPServices {
transformer.transform(domSource, result);
pdpResponse.setConfig(writer.toString());
} catch (Exception e) {
- LOGGER.error(XACMLErrorConstants.ERROR_SCHEMA_INVALID+ e);
- throw new PDPException(XACMLErrorConstants.ERROR_SCHEMA_INVALID+ "Unable to parse the XML config", e);
+ LOGGER.error(XACMLErrorConstants.ERROR_SCHEMA_INVALID + e);
+ throw new PDPException(XACMLErrorConstants.ERROR_SCHEMA_INVALID + "Unable to parse the XML config",
+ e);
}
} else if (pdpConfigLocation.endsWith("properties")) {
pdpResponse.setType(PolicyType.PROPERTIES);
Properties configProp = new Properties();
configProp.load(inputStream);
Map<String, String> propVal = new HashMap<>();
- for(String name: configProp.stringPropertyNames()) {
+ for (String name : configProp.stringPropertyNames()) {
propVal.put(name, configProp.getProperty(name));
}
pdpResponse.setProperty(propVal);
@@ -387,11 +519,11 @@ public class PDPServices {
LOGGER.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Config Not Found");
pdpResponse.setPolicyConfigStatus(PolicyConfigStatus.CONFIG_NOT_FOUND);
pdpResponse.setPolicyConfigMessage("Illegal form of Configuration Type Found.");
+ inputStream.close();
return pdpResponse;
}
LOGGER.info("config Retrieved " + pdpConfigLocation);
- pdpResponse.setStatus("Config Retrieved! ",
- PolicyResponseStatus.NO_ACTION_REQUIRED,
+ pdpResponse.setStatus("Config Retrieved! ", PolicyResponseStatus.NO_ACTION_REQUIRED,
PolicyConfigStatus.CONFIG_RETRIEVED);
return pdpResponse;
} catch (FileNotFoundException e) {
@@ -399,35 +531,104 @@ public class PDPServices {
throw new PDPException(XACMLErrorConstants.ERROR_DATA_ISSUE + "Error in ConfigURL", e);
} catch (IOException | ParserConfigurationException e) {
LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + e);
- throw new PDPException(XACMLErrorConstants.ERROR_PROCESS_FLOW +
- "Cannot open a connection to the configURL", e);
+ throw new PDPException(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Cannot open a connection to the configURL",
+ e);
}
}
- private Response callPDP(Request request, UUID requestID){
+ /**
+ * Call pdp.
+ *
+ * @param request the request
+ * @param requestIdParam the request id param
+ * @return the response
+ */
+ public Response callPdp(Request request, UUID requestIdParam) {
+ policyList = new ArrayList<>();
Response response = null;
// Get the PDPEngine
- if (requestID == null) {
- requestID = UUID.randomUUID();
- LOGGER.debug("No request ID provided, sending generated ID: " + requestID.toString());
+ if (requestIdParam == null) {
+ requestIdParam = UUID.randomUUID();
+ LOGGER.debug("No request ID provided, sending generated ID: " + requestIdParam.toString());
} else {
- LOGGER.debug("Using provided request ID: " + requestID.toString());
+ LOGGER.debug("Using provided request ID: " + requestIdParam.toString());
}
PDPEngine pdpEngine = XACMLPdpServlet.getPDPEngine();
if (pdpEngine == null) {
String message = "PDPEngine not loaded.";
- LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + message);
+ LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + message + "\n RequestId : " + requestIdParam);
return response;
}
+ XACMLPdpServlet.monitor.pdpEvaluationAttempts();
// call the PDPEngine to decide and give the response on the Request.
+ long timeStart;
+ long timeEnd;
try {
- response = pdpEngine.decide(request);
- LOGGER.info("Response from the PDP is: \n" + JSONResponse.toString(response));
+ synchronized (XACMLPdpServlet.getPDPEngineLock()) {
+ timeStart = System.currentTimeMillis();
+ response = pdpEngine.decide(request);
+ timeEnd = System.currentTimeMillis();
+ }
+
+ String outgoingResponseString = null;
+ if (DECISION_RAW_XACML_JSON_TYPE.equalsIgnoreCase(requestFormat)) {
+ outgoingResponseString = JSONResponse.toString(response);
+ LOGGER.info("Response from the PDP is : \n" + JSONResponse.toString(response, true) + "\n RequestId : "
+ + requestIdParam + " pdpEngine : " + pdpEngine);
+ } else {
+ outgoingResponseString = DOMResponse.toString(response);
+ LOGGER.info("Response from the PDP is : \n" + DOMResponse.toString(response, true) + "\n RequestId : "
+ + requestIdParam + " pdpEngine : " + pdpEngine);
+ }
+
+ XACMLPdpServlet.monitor.computeLatency(timeEnd - timeStart);
+
+ // adding the jmx values for NA, Permit and Deny
+ //
+ if (outgoingResponseString.contains("NotApplicable")
+ || outgoingResponseString.contains("Decision not a Permit")) {
+ XACMLPdpServlet.monitor.pdpEvaluationNA();
+ }
+
+ if (outgoingResponseString.contains("Permit")
+ && !outgoingResponseString.contains("Decision not a Permit")) {
+ XACMLPdpServlet.monitor.pdpEvaluationPermit();
+ }
+
+ if (outgoingResponseString.contains("Deny")) {
+ XACMLPdpServlet.monitor.pdpEvaluationDeny();
+ }
} catch (Exception e) {
- LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + e);
+ LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + e + "\n RequestId : " + requestIdParam);
return null;
}
return response;
}
+ public String getRequestType() {
+ return requestType;
+ }
+
+ public void setRequestType(String requestType) {
+ this.requestType = requestType;
+ }
+
+ /**
+ * Returns the requestFormat.
+ *
+ * @return the requestFormat.
+ */
+ public String getRequestFormat() {
+ return requestFormat;
+ }
+
+ /**
+ * Set the Request Format.
+ *
+ * @param requestMode to set requestFormat.
+ */
+ public void setRequestFormat(String requestMode) {
+ this.requestFormat = requestMode;
+ }
+
}