Chapter 2. JBoss XACML Configuration
Prev   Next

Chapter 2. JBoss XACML Configuration

An configuration file can be used to define the various policies and policy sets that the PDP can use for evaluation. The schema file driving the configuration is shown below. 


<xs:schema>
   <xs:element>
      <xs:annotation>
         <xs:documentation>Root Element for JBoss XACML</xs:documentation>
      </xs:annotation>
   </xs:element>
   <xs:complexType>
      <xs:sequence>
         <xs:element></xs:element>
         <xs:element></xs:element>
      </xs:sequence>
   </xs:complexType>
   <xs:element></xs:element>
   <xs:complexType>
      <xs:sequence>
         <xs:element></xs:element>
         <xs:element></xs:element>
      </xs:sequence>
   </xs:complexType>
   <xs:complexType>
      <xs:sequence>
         <xs:element></xs:element>
         <xs:element></xs:element>
      </xs:sequence>
   </xs:complexType>
   <xs:complexType>
      <xs:sequence>
         <xs:element></xs:element>
      </xs:sequence>
   </xs:complexType>
   <xs:element></xs:element>
   <xs:complexType>
      <xs:sequence>
         <xs:element></xs:element>
      </xs:sequence>
   </xs:complexType>
   <xs:element>
      <xs:complexType>
         <xs:sequence>
            <xs:any></xs:any>
         </xs:sequence>
         <xs:attribute></xs:attribute>
      </xs:complexType>
   </xs:element>
   <xs:complexType>
      <xs:sequence>
         <xs:element></xs:element>
      </xs:sequence>
      <xs:attribute></xs:attribute>
   </xs:complexType>
</xs:schema>

The following is an example of a configuration file.


   <ns:jbosspdp>
  <ns:Policies>
    <ns:PolicySet>
      <ns:Location>test/policies/interop/xacml-policySet.xml</ns:Location>
      <ns:Policy>
         <ns:Location>test/policies/interop/xacml-policy2.xml</ns:Location>
      </ns:Policy>
      
      <ns:Policy>
         <ns:Location>test/policies/interop/xacml-policy3.xml</ns:Location>
      </ns:Policy>
      <ns:Policy>
         <ns:Location>test/policies/interop/xacml-policy4.xml</ns:Location>
      </ns:Policy>
      
      <ns:Policy>
         <ns:Location>test/policies/interop/xacml-policy5.xml</ns:Location>
      </ns:Policy>
      
    </ns:PolicySet>
  </ns:Policies>
  <ns:Locators>
    <ns:Locator> 
    </ns:Locator>
  </ns:Locators>
</ns:jbosspdp>

As shown in the configuration file, you can define a policy set with enclosing policies. If you do not need any policy sets, but want to define 1 or more policies, you can do so. The location of a policy/policy set has to conform to the java.net.URL format (or you can provide a relative location as shown in the above configuration file).

The PDP makes use of PolicyLocator(s) for policies. Each of these policy locators are asked for a policy when a request is being evaluated. The default locator that is provided with JBossXACML is the org.jboss.security.xacml.locators.JBossPolicySetLocator

You will need to provide at least 1 locator.

Prev   Next
Chapter 1. Introduction to JBoss XACML Home Chapter 3. Introduction to JBoss XACML PDP