The first time you sign into developerWorks, a profile is created for you. Select information in your developerWorks profile is displayed to the public, but you may edit the information at any time. Your first name, last name (unless you choose to hide them), and display name will accompany the content that you post.

All information submitted is secure.

The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerworks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

All information submitted is secure.

My developerWorks:

My notifications:

Sign out

Select a language:

Control information access with XACML

The objectives, architecture, and basic concepts of eXtensible Access Control Markup Language

Return to article

Listing 5. Creating a PEP

public static void main(String[] args) throws Exception {
  // Create the new request.
  // Environment hashset is empty
  RequestCtx request =
      new RequestCtx(
          setupSubjects(),
          setupResource(),
          setupAction(),
          new HashSet());

  // Encode the request and print it to standard out
  request.encode(System.out, new Indenter());
}


public static Set setupSubjects() throws URISyntaxException {
  HashSet attributes = new HashSet();

  // Set up the ID and value for the requesting subject
  URI subjectId = new
  URI("urn:oasis:names:tc:xacml:1.0:subject:subject-id");
  RFC822NameAttribute value = new RFC822NameAttribute("mverma@secf.com");

  // Create the subject section with two attributes, the first with
  // the subject's identity...
  attributes.add(new Attribute(subjectId, null, null, value));
  // ...and the second with the subject's group membership

  URI groupId = new URI("group");
  StringAttribute stringAttribValue = new StringAttribute("owner");

  attributes.add(new Attribute(groupId,null,null,stringAttribValue));

  // Bundle the attributes in a subject with the default category
  HashSet subjects = new HashSet();
  subjects.add(new Subject(attributes));

  return subjects;
}

public static Set setupResource() throws URISyntaxException {
  HashSet resource = new HashSet();

  // The resource being requested
  AnyURIAttribute value =
      new AnyURIAttribute(new URI("file:///D:/Documents/Administrator/Desktop/Project Plan.html"));

  // Create the resource using a standard, required identifier for
  // the resource being requested
  resource.add(
      new Attribute(
          new URI(EvaluationCtx.RESOURCE_ID),
          null,
          null,
          value));

  return resource;
}
public static Set setupAction() throws URISyntaxException {
  HashSet action = new HashSet();

  // This is a standard URI that can optionally be used to specify
  // the action being requested
  URI actionId = new URI("urn:oasis:names:tc:xacml:1.0:action:action-id");

  // Create the action
  action.add(
      new Attribute(actionId, null, null, new StringAttribute("open")));

  return action;
}

Return to article

My developerWorks:

My notifications:

Select a language:

Technical topics

Evaluation software

Community

Events

Control information access with XACML

Share this page:

Follow developerWorks: