How do I unmarshall this XACML XML snippet using JAXB?

368 views Asked by At
<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17"
    PolicyId="ClientType"
    RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable"
    Version="1.0">
<Target>
<AnyOf>
            <AllOf>
                <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
                    <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Reply</AttributeValue>
                    <AttributeDesignator
                        AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"
                        Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"
                        DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true" />
                </Match>
            </AllOf>
        </AnyOf>
    </Target>

    <Rule Effect="Permit" RuleId="Rule_for_all">
        <Target>
            <AnyOf>
                <AllOf>
                    <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
                        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">A</AttributeValue>
                        <AttributeDesignator AttributeId="Reply"
                            Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
                            DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true" />
                    </Match>
                </AllOf>
            </AnyOf>
        </Target>
    </Rule>
    <Rule Effect="deny" RuleId="Rule_deny_all" />
</Policy>

Please help me to unmarshall this xml using JAXB. I tried doing it but in between I got confused and got error. I have a quite big xml file but this fragment will help me understand.

1

There are 1 answers

2
David Brossard On

The fragment you sent is actually an incomplete XML fragment. It's lacking for instance the closing </Policy> element.

The fragment you sent corresponds to a XACML 3.0 policy. This means that before you close the policy you should also have 1 or more rules (technically the schema does allow zero rules but that doesn't make sense).

To marshall and unmarshall using JAX-B, you need to use the XACML 3.0 schema which you can find here. It's pretty straightforward to configure JAXB to create the Java objects based on that schema. You'll need to create a simple XJB file to configure the marshalling.

That said, considering there are several XACML engines out there (both open source and vendor such as the one I work for, Axiomatics), what's your rationale for implementing a XACML parser yourself?

Cheers, David.