diff options
author | Chenfei Gao <cgao@research.att.com> | 2020-02-28 14:45:48 -0500 |
---|---|---|
committer | Chenfei Gao <cgao@research.att.com> | 2020-02-28 14:45:55 -0500 |
commit | bdef9f5dfd8c95eff86e710ef94c1fab4e652854 (patch) | |
tree | bcc7327976e890e3fec352a4dbf8d1f150e98bda /applications/native/src/test/resources/policies/native.policy.xml | |
parent | fcd767926048397607d9e0f0288f2a0982f6bbcc (diff) |
Build XACML PDP support for native xacml policy type
Added a new native application to the service loader framework
Added a new translator for the native application
Added custom serialization providers for xacml+json and xacml+xml
Added a new endpoint for native xacml decision api
Added a new api provider function to handle the native xacml api calls
Added corresponding junit tests
Issue-ID: POLICY-2182
Change-Id: I30fa4637612c324d543f9952386cf1a27a52d76c
Signed-off-by: Chenfei Gao <cgao@research.att.com>
Diffstat (limited to 'applications/native/src/test/resources/policies/native.policy.xml')
-rw-r--r-- | applications/native/src/test/resources/policies/native.policy.xml | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/applications/native/src/test/resources/policies/native.policy.xml b/applications/native/src/test/resources/policies/native.policy.xml new file mode 100644 index 00000000..d6e4f4fb --- /dev/null +++ b/applications/native/src/test/resources/policies/native.policy.xml @@ -0,0 +1,44 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" PolicyId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA1:policy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd"> + <Description> + Policy for Conformance Test IIA001. + </Description> + <Target/> + <Rule Effect="Permit" RuleId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA1:rule"> + <Description> + Julius Hibbert can read or write Bart Simpson's medical record. + </Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Julius Hibbert</AttributeValue> + <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:anyURI-equal"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://medico.com/record/patient/BartSimpson</AttributeValue> + <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" DataType="http://www.w3.org/2001/XMLSchema#anyURI" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">read</AttributeValue> + <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">write</AttributeValue> + <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + </Rule> +</Policy> |