[Previous entry: "SecPAL Progress"] [Next entry: "SecPAL and Software Licenses"]

07/30/2007: "SecPAL Development"

The folllowing snipet of code is the JAVA implementation of the canActAs example that you can find in the .NET implementation. I find it cool that both API's (NET and JAVA) are identical (well almost) as this promotes interoperability between Linux/Windows developers. In addition it allows developers to build on their .NET experience (from the released version) rather than learn the JAVA API from scratch. I will put some screenshots up from a GUI that demonstrates SecPAL policies soon.

package org.secpal.test;

import org.secpal.*;
import java.util.ArrayList;
import java.util.List;

public class CanActAsScenario {

private KeyHolderPrincipal stsPrincipal = new KeyHolderPrincipal("K-STS");

public List getPolicies() {
List policies = new ArrayList();
List claims = new ArrayList();


claims.add(
new Claim(
new CanSayFact(
this.stsPrincipal,
new PossessFact(
new PrincipalVariable("p"),
new AttributeVariable("a"),
new FactQualifier(
new DateTimeVariable("t1"),
new DateTimeVariable("t2"),
new LocationVariable("f"),
new DurationVariable("ts")))),
new Constraint[] {
new DurationConstraint("t1", "t2", 366, 0, 0, 0),
new TemporalConstraint("t1", "t2"),
new AttributeMatchConstraint(
"a",
AttributeType.RFC_822_NAME,
new String[] {".*@fabrikam\\.com"}) }));

claims.add(
new Claim(
new ActionFact(
new PrincipalVariable("p"),
ActionVerbs.READ,
new Resource(
"digitalContent",
"file:///public/")),
new Fact[]{new PossessFact(
new PrincipalVariable("p"),
new AttributeVariable("a"))},
new Constraint[]{ new AttributeMatchConstraint(
"a",
AttributeType.RFC_822_NAME,
new String[]{".*@fabrikam\\.com"})}));


claims.add(
new Claim(
new CanSayFact(
this.stsPrincipal,
new CanActAsFact(
new PrincipalVariable("x"),
new PrincipalVariable("y")))));

policies.add(
new Policy(
new PrincipalIssuer(new LocalAuthorityPrincipal()),
claims));

return policies;
}
}