cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1503624 - /cxf/trunk/rt/security/src/main/java/org/apache/cxf/rt/security/xacml/DefaultXACMLRequestBuilder.java
Date Tue, 16 Jul 2013 09:21:30 GMT
Author: coheigea
Date: Tue Jul 16 09:21:29 2013
New Revision: 1503624

URL: http://svn.apache.org/r1503624
Log:
Send multiple roles as XACML AttributeValues of a single Attribute

Modified:
    cxf/trunk/rt/security/src/main/java/org/apache/cxf/rt/security/xacml/DefaultXACMLRequestBuilder.java

Modified: cxf/trunk/rt/security/src/main/java/org/apache/cxf/rt/security/xacml/DefaultXACMLRequestBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/security/src/main/java/org/apache/cxf/rt/security/xacml/DefaultXACMLRequestBuilder.java?rev=1503624&r1=1503623&r2=1503624&view=diff
==============================================================================
--- cxf/trunk/rt/security/src/main/java/org/apache/cxf/rt/security/xacml/DefaultXACMLRequestBuilder.java
(original)
+++ cxf/trunk/rt/security/src/main/java/org/apache/cxf/rt/security/xacml/DefaultXACMLRequestBuilder.java
Tue Jul 16 09:21:29 2013
@@ -28,6 +28,7 @@ import org.apache.cxf.message.Message;
 import org.joda.time.DateTime;
 import org.opensaml.xacml.ctx.ActionType;
 import org.opensaml.xacml.ctx.AttributeType;
+import org.opensaml.xacml.ctx.AttributeValueType;
 import org.opensaml.xacml.ctx.EnvironmentType;
 import org.opensaml.xacml.ctx.RequestType;
 import org.opensaml.xacml.ctx.ResourceType;
@@ -96,20 +97,38 @@ public class DefaultXACMLRequestBuilder 
         attributes.add(createAttribute(XACMLConstants.SUBJECT_ID, XACMLConstants.XS_STRING,
issuer,
                                        principal.getName()));
 
-        for (String role : roles) {
-            if (role != null) {
-                attributes.add(createAttribute(XACMLConstants.SUBJECT_ROLE, XACMLConstants.XS_ANY_URI,
-                                               issuer, role));
+        if (roles != null) {
+            List<AttributeValueType> roleAttributes = new ArrayList<AttributeValueType>();
+            for (String role : roles) {
+                if (role != null) {
+                    AttributeValueType subjectRoleAttributeValue = 
+                        RequestComponentBuilder.createAttributeValueType(role);
+                    roleAttributes.add(subjectRoleAttributeValue);
+                }
+            }
+
+            if (!roleAttributes.isEmpty()) {
+                AttributeType subjectRoleAttribute = 
+                    createAttribute(
+                        XACMLConstants.SUBJECT_ROLE,
+                        XACMLConstants.XS_ANY_URI,
+                        issuer,
+                        roleAttributes
+                    );
+                attributes.add(subjectRoleAttribute);
             }
         }
 
         return RequestComponentBuilder.createSubjectType(attributes, null);
     }
 
+    private AttributeType createAttribute(String id, String type, String issuer, List<AttributeValueType>
values) {
+        return RequestComponentBuilder.createAttributeType(id, type, issuer, values);
+    }
+    
     private AttributeType createAttribute(String id, String type, String issuer, String value)
{
-        return RequestComponentBuilder.createAttributeType(id, type, issuer, 
-                                                           Collections.singletonList(
-                                                           RequestComponentBuilder.createAttributeValueType(value)));
+        return createAttribute(id, type, issuer, 
+                               Collections.singletonList(RequestComponentBuilder.createAttributeValueType(value)));
     }
 
     /**



Mime
View raw message