This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

How can I configure Java code using files?

Posted on 05-27-2016 08:40 AM
Not applicable
Reply posted on --/--/---- --:-- AM

We're trying to create a xacml pdp on apigee. I'm using balana pdp which requires a configuration file as well as xacml policy files but I don't have access to a filesystem on apigee. I am able to upload files in a jar and read them as a resource but balana can't read them this way. When I read the jar'd files as a resource and write them to the same location as a regular file, our java code says that the new file is readable but doesn't actually read anything. How do I work with apigee so that I can make configuration and policy files available for balana pdp to read?

1 3 307
Topic Labels
3 REPLIES 3

Posted on --/--/---- --:-- AM
Former Community Member
Not applicable
Reply posted on --/--/---- --:-- AM

How about this? Create a "No-Target" API Proxy. The Assign Message of that proxy returns a XML that contains the XACML policy.

You can protect the API Proxy (with API Key or OAuth) and the Policy file can be shared by many proxies. When updated, all proxies can receive the updates.

If you are worried about network hops, you can use proxy chaining to call this proxy.

0 Likes

Posted on --/--/---- --:-- AM
DChiesa
Staff
Reply posted on --/--/---- --:-- AM

I don't think you can do it "out of the box".

It seems like a glaring oversight or functional gap that Balana cannot accept input configuration from something other than a java.io.File. For example, it could or should accept an org.w3c.dom.Document or a java.io.InputStream .

Fortunately, you should be able to modify ConfigurationStore.java , which is open-source, to do that. It should be pretty simple. Basically just follow the pattern in the getRootNode method. Create a method that accepts a stream or a Document or an Element, and ... with a little refactoring, it should just work.

Would love to hear your feedback on this.

Posted on --/--/---- --:-- AM
Not applicable
In response to DChiesa
Reply posted on --/--/---- --:-- AM

Yep. Thanks. I just wrote my own balana classes as needed and wrote the Config Store to read from a jar'd config file and used my own JarBasedPolicyFinderModule to read policies from jars. I'm just a "stickler for the rules" sometimes -- I stubbornly try to use things "as they should be used" (in this case, out of the box) before I finally take my own path.