diff options
Diffstat (limited to 'PolicyEngineAPI/Test/PDP_settings')
3 files changed, 642 insertions, 0 deletions
diff --git a/PolicyEngineAPI/Test/PDP_settings/test_PolicyEngine.xml b/PolicyEngineAPI/Test/PDP_settings/test_PolicyEngine.xml new file mode 100644 index 000000000..343ec7c55 --- /dev/null +++ b/PolicyEngineAPI/Test/PDP_settings/test_PolicyEngine.xml @@ -0,0 +1,595 @@ +<?xml version="1.0" encoding="UTF-8" standalone="yes"?> +<!-- + ============LICENSE_START======================================================= + PolicyEngineAPI + ================================================================================ + Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + ================================================================================ + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + ============LICENSE_END========================================================= + --> + +<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="urn:com:xacml:policy:id:03e0d98f-90e4-4457-bd78-3ddec62e27d5" Version="1" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable"> + <Description>Test Policies for the ProtoType PolicyEngineAPI</Description> + <Target/> + <VariableDefinition VariableId="ResetVM"> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:or"> + <Description>Check if the CPU Utilization or Memory reach the threshold values. </Description> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-greater-than"> + <Description>CPU</Description> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only"> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="com:att:labs:ecomp:resource:vm:cpu" DataType="http://www.w3.org/2001/XMLSchema#integer" MustBePresent="true"/> + </Apply> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">95</AttributeValue> + </Apply> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-greater-than"> + <Description>Memory</Description> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only"> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="com:att:labs:ecomp:resource:vm:memory" DataType="http://www.w3.org/2001/XMLSchema#integer" MustBePresent="true"/> + </Apply> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">95</AttributeValue> + </Apply> + </Apply> + </VariableDefinition> + <VariableDefinition VariableId="SpinOffVM"> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:or"> + <Description>Spinoff if the VM if CPU or memory value reaches the threshold</Description> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-greater-than"> + <Description>CPU</Description> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only"> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="com:att:labs:ecomp:resource:vm:cpu" DataType="http://www.w3.org/2001/XMLSchema#integer" MustBePresent="true"/> + </Apply> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">90</AttributeValue> + </Apply> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-greater-than"> + <Description>Memory</Description> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only"> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="com:att:labs:ecomp:resource:vm:memory" DataType="http://www.w3.org/2001/XMLSchema#integer" MustBePresent="true"/> + </Apply> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">90</AttributeValue> + </Apply> + </Apply> + </VariableDefinition> + <Rule RuleId="urn:com:xacml:rule:id:2a815211-f387-47ee-9b15-4b6a0f15b31f" Effect="Permit"> + <Description>Json Test</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">JSON</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_json.json</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:2a815212-f387-47ee-9b15-4b6a0f15b31f" Effect="Permit"> + <Description>Json + Config test</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">JSON</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">JSONconfig</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_json.json</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:2a815211-f387-47ee-9b15-4bfa0f15f568" Effect="Permit"> + <Description>XML test</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">XML</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_xml.xml</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:2a815212-f387-47ee-9b15-4bfa0f15f568" Effect="Permit"> + <Description>XML + Config test</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">XML</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">XMLConfig</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_xml.xml</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:2a815211-f387-47ee-9b15-4b6a5287f3af" Effect="Permit"> + <Description>Properties Test</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Properties</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_prop.properties</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:2a815212-f387-47ee-9b15-4b6a5287f3af" Effect="Permit"> + <Description>Properties + Config Test</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Properties</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">PropConfig</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_prop.properties</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:2a815211-f387-47ee-9b15-4b7a5287f3af" Effect="Permit"> + <Description>Other Test</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Other</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_other.txt</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:2a815212-f387-47ee-9b15-4b8a5287f3af" Effect="Permit"> + <Description>Other + Config Test</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Other</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">OtherConfig</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_other.txt</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:786aded3-49c4-43da-9e16-77be6b522f04" Effect="Permit"> + <Description> JSON + Attributes </Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">JSON</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">JSONconfig</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TestSubject</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Subject.com:test:subject:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TestJSON</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Action.com:test:action:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Test</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Resource.com:test:resource:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_json.json</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:6311eb9c-ec15-43d5-9f16-17c14b300e6d" Effect="Permit"> + <Description> XML + Attributes </Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">XML</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">XMLConfig</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TestSubject</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Subject.com:test:subject:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TestJSON</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Action.com:test:action:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Test</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Resource.com:test:resource:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_xml.xml</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:1148b345-4836-4853-96fc-84c1d37f4dbd" Effect="Permit"> + <Description> Prop + Attributes </Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Properties</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">PropConfig</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TestSubject</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Subject.com:test:subject:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TestJSON</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Action.com:test:action:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Test</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Resource.com:test:resource:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_prop.properties</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:786aded3-49c4-43da-9e16-77b86b522f04" Effect="Permit"> + <Description> Other + Attributes </Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Other</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Otherconfig</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TestSubject</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Subject.com:test:subject:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TestJSON</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Action.com:test:action:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Test</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Resource.com:test:resource:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_other.txt</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <!-- <Rule RuleId="urn:com:xacml:rule:id:a5b3007a-853a-47f0-a4c2-56912b47d74a" Effect="Permit"> + <Description>test if this is working </Description> + + </Rule> --> + <Rule RuleId="urn:com:xacml:rule:id:596bb33b-c0ab-4840-9f8f-aebb0b603f37" Effect="Permit"> + <Description>Permit to RESET VM if the values reach the threshold settings.</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Restart</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <Condition> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:boolean-equal"> + <Description>Restart VM if this condition is met</Description> + <VariableReference VariableId="ResetVM"/> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#boolean">true</AttributeValue> + </Apply> + </Condition> + <ObligationExpressions> + <ObligationExpression ObligationId="com.att.labs.ecomp.obligation" FulfillOn="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.obligation.restart" Category="urn:oasis:names:tc:xacml:1.0:subject-category:recipient-subject"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Restart</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.obligation.server" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="com:att:labs:ecomp:resource:server:name" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/> + </AttributeAssignmentExpression> + </ObligationExpression> + </ObligationExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:596db34b-c0ab-4841-9f9d-aedb07603f39" Effect="Permit"> + <Description>Permit to SpinOff VM if the values reach the threshold settings.</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SpinOff</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <Condition> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:boolean-equal"> + <Description>SpinOff VM if this condition is met</Description> + <VariableReference VariableId="SpinOffVM"/> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#boolean">true</AttributeValue> + </Apply> + </Condition> + <ObligationExpressions> + <ObligationExpression ObligationId="com.att.labs.ecomp.obligation" FulfillOn="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.obligation.spinoff" Category="urn:oasis:names:tc:xacml:1.0:subject-category:recipient-subject"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SpinOff</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="performer" Category="urn:oasis:names:tc:xacml:1.0:subject-category:recipient-subject"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">PDPAction</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="type" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">REST</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.obligation.server" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="com:att:labs:ecomp:resource:server:name" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="method" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">GET</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="URL" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:8635/RESTjson/PDP/VM/$com.att.labs.ecomp.obligation.spinoff/$com.att.labs.ecomp.obligation.server</AttributeValue> + </AttributeAssignmentExpression> + </ObligationExpression> + </ObligationExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:c2430bab-c2a1-4686-b885-67f8036a1e52" Effect="Deny"> + <Description>Deny all the other requests.</Description> + <Target/> + </Rule> +</Policy> diff --git a/PolicyEngineAPI/Test/PDP_settings/xacml.pip.properties b/PolicyEngineAPI/Test/PDP_settings/xacml.pip.properties new file mode 100644 index 000000000..e703811b7 --- /dev/null +++ b/PolicyEngineAPI/Test/PDP_settings/xacml.pip.properties @@ -0,0 +1,23 @@ +### +# ============LICENSE_START======================================================= +# PolicyEngineAPI +# ================================================================================ +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +### + +# PIP Engine Definition +# +xacml.pip.engines= diff --git a/PolicyEngineAPI/Test/PDP_settings/xacml.policy.properties b/PolicyEngineAPI/Test/PDP_settings/xacml.policy.properties new file mode 100644 index 000000000..dd304bf90 --- /dev/null +++ b/PolicyEngineAPI/Test/PDP_settings/xacml.policy.properties @@ -0,0 +1,24 @@ +### +# ============LICENSE_START======================================================= +# PolicyEngineAPI +# ================================================================================ +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +### + +# Policies to load +# +xacml.rootPolicies=useCase +useCase.file=config/test_PolicyEngine.xml |