-
Notifications
You must be signed in to change notification settings - Fork 24
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable PDP extensions (e.g. Functions) to return an error about invalid attribute values in form of XACML <StatusDetail> / <MissingAttributeDetail>s #69
Comments
….g. Functions) to return an error about invalid attribute values in form of XACML <StatusDetail> / <MissingAttributeDetail>s) - BaseXacmlJaxbRequestPreprocessor class: new constructor arg: custom parser of named Attributes, to customize how XACML Attributes are converted into instance of AuthzForce internal Attribute class - Missing-attribute errors from AttributeDesignator expressions now returned in XACML StatusDetail/MissingAttributeDetail - API enhancement: ImmutableXacmlStatus and IndeterminateEvaluationException classes: new constructors supporting XACML MissingAttributeDetail element
…n error about invalid attribute values in form of XACML <StatusDetail> / <MissingAttributeDetail>s) with example of custom RequestPreprocessor (CustomTestRequestPreprocessorFactory) and custom function (TestExtensibleSimpleValueEqualFunction) for unit test - Added use of StatusDetail/MissingAttributeDetail in AttributeSelector expression evaluation when missing named Attribute(s) - Upgraded dependency authzforce-ce-core-pdp-api: 21.3.0 - SingleDecisionXacmlJaxbRequestPreprocessor class improved: new constructor with argument `namedAttributeParser` (custom parser of named Attributes, to customize how XACML Attributes are converted into instance of AuthzForce internal Attribute class)
Now supported in latest release 20.2.0. See the example of custom RequestPreprocessor (PDP extension) adding AttributeId/Category to custom AttributeValues (PDP extension) and the custom function (PDP extension) using this info to throw a standard |
Great! Thank you very much for this quick turnaround! At the moment I am using these dependencies: <dependency>
<groupId>org.ow2.authzforce</groupId>
<artifactId>authzforce-ce-core-pdp-api</artifactId>
<version>21.2.0</version>
</dependency>
<dependency>
<groupId>org.ow2.authzforce</groupId>
<artifactId>authzforce-ce-core-pdp-testutils</artifactId>
<version>20.1.1</version>
</dependency> and I do not see any new version at Maven Repository... Which would be the corresponding versions for my dependencies once this new feature is out on Maven? |
Version 20.2.0 of authzforce-ce-core-pdp-engine for XACML/XML; |
Additional feature request
When the processing is aborted inside a function with Indeterminate, the current implementation does not support to provide further detailed information
<StatusDetail>
inside the IndeterminateEvaluationException / ImmutableXacmlStatus.Asked Feature
Support to populate
<MissingAttributeDetail>
inside the<StatusDetail>
Example
In the context of implementing an extension for GeoXACML, the following response is an example stating that the AttributeValue "subject-location" was missing from the request. The specific aspect is that an AttributeValue must be encoded using a particular CRS. This example "tells" the PEP that the Attribute 'subject-location' must be sent with CRS=3857 encoded coordinates.
The text was updated successfully, but these errors were encountered: