Skip to main content Skip to complementary content

Preparing the custom PDP bundle

Procedure

  1. The interface for the PDP customization is included to the following tesb-xacml-pdp-api bundle:
    package org.talend.esb.authorization.xacml.pdp.api;
    import javax.xml.transform.Source;
    /**
     * An interface that describes a PolicyDecisionPoint (PDP).
     */
    public interface PolicyDecisionPoint {
        
        /**
         * Evaluate an XACML Request and return a Response
         * @param request an XACML Request as a Source
         * @return the XACML Response as a Source
         */
        Source evaluate(Source request);
        
    }
    So first of all, make sure this bundle is installed and accessible.
  2. The custom PDP bundle is an OSGi bundle which should import the authorization API resources and implement the org.talend.esb.authorization.xacml.pdp.api.PolicyDecisionPoint interface.
    So, create this OSGi bundle via Maven.
  3. Import the ESB XACML PDP API as a dependency to the Maven pom.xml:
    <dependency>
        <groupId>org.talend.esb.authorization</groupId>
        <artifactId>tesb-xacml-pdp-api</artifactId>
        <version>${project.version}</version>
        <scope>compile</scope>
    </dependency>
  4. When using Spring for the description and rendering of the beans for the PDP implementation, create the beans.xml file in src/main/resources/META-INF/spring if it not exist, and add the PDP interface implementation. For example:
    <bean id="pdpBean" class="org.talend.esb.authorization.xacml.pdp.herasaf.HerasAFPolicyDeci
    sionPoint">
    ...........
    </bean>
    The HerasAFPolicyDecisionPoint class mentioned in the example above should implement the PolicyDecisionPoint interface.
  5. Register the custom PDP as an OSGI service:
    <osgi:service ref="pdpBean" interface="org.talend.esb.authorization.xacml.pdp.api.PolicyDecisionPoi
    nt"/>

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – please let us know!