[jboss-user] [Security JAAS/JBoss] - Re: JBossXACML: Bug in HigherOrderFunction Class of sun's XA
Hi Anil, I have tested jbossxacml-2.0.3.CR4.jar against our policies. Now our issue with HigherOrderFunction is solved! Thanks a lot for your very fast reaction. Best regards, Joerg View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=4221324#4221324 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=4221324 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security JAAS/JBoss] - Re: JBossXACML: Bug in HigherOrderFunction Class of sun's XA
Hi Anil, The issue can be reproduced using anyURI-regexp-match inside an any-of function. In that case the following fix in HigherOrderFunction of the original sunxacml implementation is needed: http://sunxacml.svn.sourceforge.net/viewvc/sunxacml/trunk/sunxacml/com/sun/xacml/cond/HigherOrderFunction.java?r1=112r2=114. The following condition cannot be evaluated: ... | Condition | Apply FunctionId=urn:oasis:names:tc:xacml:1.0:function:any-of | Function FunctionId=urn:oasis:names:tc:xacml:2.0:function:anyURI-regexp-match/ | AttributeValue | DataType=http://www.w3.org/2001/XMLSchema#string;.*100101/AttributeValue | SubjectAttributeDesignator | DataType=http://www.w3.org/2001/XMLSchema#anyURI; | AttributeId=urn:oasis:names:tc:xacml:2.0:subject:role/ | /Apply | /Condition | ... I'll send you an email with a policy and a request to reproduce this issue. It is still present in 2.0.3.CR3-SNAPSHOT. Regards, Joerg View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=4220507#4220507 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=4220507 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user