Unmarshalling XACML Policie file with opensaml

Question

Could any one please give me a link of a good tutorial that could give me an idea how i could build a XACMLObject using openSAML2 api from the policie file ? Thanks

Answer 1

I haven't use OpenSAML library for this purpose. But I have used for some other purpose which involved XACML requests and responses. Following may help you to get an idea. It is creating a XACMLRequest from a String.

private String extractXACMLRequest(String decisionQuery) throws Exception {
    RequestType xacmlRequest = null;
    doBootstrap();
    String queryString = null;
    XACMLAuthzDecisionQueryType xacmlAuthzDecisionQuery;
    try {
        xacmlAuthzDecisionQuery = (XACMLAuthzDecisionQueryType) unmarshall(decisionQuery);
        //Access the XACML request only if Issuer and the Signature are valid.
        if (validateIssuer(xacmlAuthzDecisionQuery.getIssuer())) {
                if (validateSignature(xacmlAuthzDecisionQuery.getSignature())) {
                    xacmlRequest = xacmlAuthzDecisionQuery.getRequest();
                } else {
                    log.debug("The submitted signature is not valid!");
                }
        } else {
            log.debug("The submitted issuer is not valid!");
        }

        if (xacmlRequest != null) {
            queryString = marshall(xacmlRequest);
            queryString = queryString.replace("<?xml version=\"1.0\" encoding=\"UTF-8\"?>", "").replace("\n", "");
        }
        return queryString;
    } catch (Exception e) {
        log.error("Error unmarshalling the XACMLAuthzDecisionQuery.", e);
        throw new Exception("Error unmarshalling the XACMLAuthzDecisionQuery.", e);
    }

}

Answer 2

You want to use sunXACML or JAXB to marshall / unmarshall XACML policies not openSAML2.