diff --git a/edexOsgi/com.raytheon.uf.edex.registry.ebxml/res/spring/ebxml-xacml.xml b/edexOsgi/com.raytheon.uf.edex.registry.ebxml/res/spring/ebxml-xacml.xml
index 6d1c787c10..aa3b1a11fd 100644
--- a/edexOsgi/com.raytheon.uf.edex.registry.ebxml/res/spring/ebxml-xacml.xml
+++ b/edexOsgi/com.raytheon.uf.edex.registry.ebxml/res/spring/ebxml-xacml.xml
@@ -757,7 +757,9 @@
+ class="com.raytheon.uf.edex.registry.acp.xacml.engine.expression.impl.AttributeDesignatorExpression" >
+
+
diff --git a/edexOsgi/com.raytheon.uf.edex.registry.ebxml/src/com/raytheon/uf/edex/registry/acp/xacml/interceptor/XACMLInterceptor.java b/edexOsgi/com.raytheon.uf.edex.registry.ebxml/src/com/raytheon/uf/edex/registry/acp/xacml/interceptor/XACMLInterceptor.java
index 853f92bd03..f4b25a8c80 100644
--- a/edexOsgi/com.raytheon.uf.edex.registry.ebxml/src/com/raytheon/uf/edex/registry/acp/xacml/interceptor/XACMLInterceptor.java
+++ b/edexOsgi/com.raytheon.uf.edex.registry.ebxml/src/com/raytheon/uf/edex/registry/acp/xacml/interceptor/XACMLInterceptor.java
@@ -21,7 +21,6 @@ package com.raytheon.uf.edex.registry.acp.xacml.interceptor;
import java.security.Principal;
import java.util.ArrayList;
-import java.util.Collections;
import java.util.List;
import java.util.Set;
@@ -56,10 +55,10 @@ import org.opensaml.xacml.ctx.ResponseType;
import org.opensaml.xacml.ctx.ResultType;
import org.opensaml.xacml.policy.ObligationType;
import org.opensaml.xacml.policy.ObligationsType;
+import org.springframework.transaction.annotation.Transactional;
import com.raytheon.uf.common.status.IUFStatusHandler;
import com.raytheon.uf.common.status.UFStatus;
-import com.raytheon.uf.common.util.CollectionUtil;
import com.raytheon.uf.edex.registry.acp.xacml.XACMLPolicyAdministrator;
import com.raytheon.uf.edex.registry.acp.xacml.XACMLPolicyDecisionPoint;
import com.raytheon.uf.edex.registry.acp.xacml.engine.obligation.XACMLObligationEvaluator;
@@ -90,6 +89,7 @@ import com.raytheon.uf.edex.registry.ebxml.exception.EbxmlRegistryException;
* @author bphillip
* @version 1
*/
+@Transactional
public class XACMLInterceptor extends AbstractPhaseInterceptor {
/** The logger */
@@ -117,6 +117,10 @@ public class XACMLInterceptor extends AbstractPhaseInterceptor {
*/
private RegistryXACMLRequestBuilder requestBuilder;
+ public XACMLInterceptor() {
+ super(Phase.PRE_INVOKE);
+ }
+
/**
* Constructs a new XACMLInterceptor
*
@@ -129,7 +133,7 @@ public class XACMLInterceptor extends AbstractPhaseInterceptor {
*/
public XACMLInterceptor(XACMLPolicyAdministrator xacmlPolicyAdmin,
XACMLPolicyDecisionPoint pdp, RegistryObjectDao registryObjectDao) {
- super(Phase.POST_INVOKE);
+ super(Phase.PRE_INVOKE);
OpenSAMLUtil.initSamlEngine();
this.xacmlPolicyAdmin = xacmlPolicyAdmin;
this.pdp = pdp;
@@ -190,7 +194,9 @@ public class XACMLInterceptor extends AbstractPhaseInterceptor {
return;
}
} catch (Exception e) {
- statusHandler.error("An error occurred during XACML authorization. Defaulting to Unauthorized", e);
+ statusHandler
+ .error("An error occurred during XACML authorization. Defaulting to Unauthorized",
+ e);
throw new AccessDeniedException("Unauthorized");
}
} else {
@@ -236,31 +242,6 @@ public class XACMLInterceptor extends AbstractPhaseInterceptor {
return response;
}
- /**
- * Gets the resources from the message and retrieves them from the registry
- * database if possible
- *
- * @param message
- * The message to get the resources from
- * @param isSoapCall
- * True if this is a SOAP call
- * @return The list of registry object resources referenced by the message
- * @throws EbxmlRegistryException
- * If errors occur while querying for the objects from the
- * registry database
- */
- private List getResources(Message message,
- boolean isSoapCall) throws EbxmlRegistryException {
- List registryObjects = Collections.emptyList();
-
- List ids = getResourceIds(message, isSoapCall);
- if (!CollectionUtil.isNullOrEmpty(ids)) {
- registryObjects = registryObjectDao.getById(ids);
- }
-
- return registryObjects;
- }
-
/**
* Extracts the ids of the resources from the message
*
@@ -272,8 +253,9 @@ public class XACMLInterceptor extends AbstractPhaseInterceptor {
* @throws EbxmlRegistryException
* If an invalid message is submitted
*/
- private List getResourceIds(Message message, boolean isSoapCall)
- throws EbxmlRegistryException {
+ private List getResources(Message message,
+ boolean isSoapCall) throws EbxmlRegistryException {
+ List registryObjects = new ArrayList();
List ids = new ArrayList();
ObjectRefListType refList = null;
RegistryObjectListType objList = null;
@@ -327,12 +309,13 @@ public class XACMLInterceptor extends AbstractPhaseInterceptor {
}
}
if (objList != null) {
- for (RegistryObjectType regObj : objList.getRegistryObject()) {
- ids.add(regObj.getId());
- }
+ registryObjects.addAll(objList.getRegistryObject());
+ }
+ if (!ids.isEmpty()) {
+ registryObjects.addAll(registryObjectDao.getById(ids));
}
}
- return ids;
+ return registryObjects;
}
/**