Oracle Entitlements Server offers two types of query requests. You can request a list of all actions for a particular Resource (and its children), or you can request complete authorization results for a particular Resource (and its children). Both types of queries will retrieve results for all instantiated Resources of a given Resource Type.
package com.mindtelligent.oes.util;
import java.util.*;
import com.bea.security.*;
import java.io.FileWriter;
import java.io.PrintWriter;
import org.openliberty.openaz.azapi.constants.PepRequestQueryType;
import weblogic.security.principal.*;
import javax.security.auth.*;
import java.security.*;
import java.security.acl.Group;
import weblogic.security.principal.WLSUserImpl;
import weblogic.security.principal.WLSGroupImpl;
import javax.security.auth.spi.LoginModule;
import oracle.security.jps.openaz.pep.PepRequestFactoryImpl;
import org.openliberty.openaz.azapi.pep.Obligation;
import org.openliberty.openaz.azapi.pep.PepException;
import org.openliberty.openaz.azapi.pep.PepResponse;
public class PEPQuery {
public static void main(String[] args) {
Subject user = new Subject();
Principal p = new WLSUserImpl("hsaluja");
user.getPrincipals().add(p);
Principal g = new WLSGroupImpl("MindTelligentCRMUsers");
user.getPrincipals().add(g);
// Resource being accessed AppName/ResourceType/ResouceName
String resourceString = "CRMApplication/CRMResourceType/CRMResource";
// Action initiated by the user
String action = "access";
// String action = "close";
// Environmental/Context attributes
Map env = new HashMap();
env.put("isEmployee","true");
// Simple grant-deny call
while (true) {
try {
// get Authorization response from OES
long start = System.currentTimeMillis();
PepResponse response;
response =
PepRequestFactoryImpl.getPepRequestFactory().newPepRequest(user,
action,
resourceString,
env).decide();
long end = System.currentTimeMillis();
System.out.println("Time: " + (end - start) + "ms");
System.out.println("Request: {" + user.toString() + ", " +
action + ", " + resourceString +
"} \nResult: " + response.allowed() +
"\n Obligation(s) :");
// Process the Obligations and write them to a file
Map<String, Obligation> obs = response.getObligations();
if (obs != null && !obs.isEmpty()) {
for (Map.Entry<String, Obligation> entry :
obs.entrySet()) {
PrintWriter out =
new PrintWriter(new FileWriter("/home/oracle/obligation.txt"));
System.out.println(entry.getValue().getStringValues().values());
//out.close();
}
}
} catch (PepException e) {
System.out.println("***** Caught exception: " +
e.getMessage());
e.printStackTrace();
System.exit(1);
} catch (Exception ex) {
StackTraceElement[] elements = ex.getStackTrace();
for (int i = 0; i > elements.length; i++) {
System.out.println(elements[i]);
}
ex.printStackTrace();
}
Runtime rt = Runtime.getRuntime();
long usedMB = (rt.totalMemory() - rt.freeMemory()) / 1024 / 1024;
System.out.println("memory usage: " + usedMB + "MB");
System.out.println("sleeping 5 sec. Hit Ctrl-C to quit\n");
try {
Thread.currentThread().sleep(5000);
} catch (Exception e) {
e.printStackTrace();
}
}
}
}
