scripting policy requirement rules

Liam Hoekenga liamr at umich.edu
Tue Jan 24 21:28:18 GMT 2012 

I'm trying to use a script for a policy requirement rule.  If I follow
the example in the wiki, the IdP loads and works...

<AttributeFilterPolicy id="scriptedRuleTest">
<PolicyRequirementRule xsi:type="basic:Script">
    <basic:Script>
        <![CDATA[
            function evaluateRule(filterContext, attributeId, attributeValue) {
               if (attributeId == null) return true;
               if (attributeValue == null) return true;
               return
filterContext.getAttributeRequestContext().getAttributes().get("uid").equals("jsmith");
            }
            evaluateRule(filterContext, attributeId, attributeValue);
        ]]>
    </basic:Script>
</PolicyRequirementRule>


The wiki suggests that I should also be able to use ScriptFile.  If I
try this, however...

<AttributeFilterPolicy id="scriptedRuleTest">
        <PolicyRequirementRule xsi:type="basic:Script">
            <basic:ScriptFile>/opt/shibboleth-idp/script/testRule.js</basic:ScriptFile>
        </PolicyRequirementRule>

I get this...


16:17:08.890 -  - TRACE
[edu.internet2.middleware.shibboleth.common.config.BaseSpringNamespaceHandler:115]
- Attempting to find parser with element name:
{urn:mace:shibboleth:2.0:afp}AttributeFilterPolicy
16:17:08.890 -  - INFO
[edu.internet2.middleware.shibboleth.common.config.attribute.filtering.AttributeFilterPolicyBeanDefinitionParser:72]
- Parsing configuration for attribute filter policy scriptedRuleTest
16:17:08.890 -  - TRACE
[edu.internet2.middleware.shibboleth.common.config.BaseSpringNamespaceHandler:109]
- Attempting to find parser for element of type:
{urn:mace:shibboleth:2.0:afp:mf:basic}Script
16:17:08.892 -  - ERROR
[edu.internet2.middleware.shibboleth.common.config.BaseService:188] -
Configuration was not loaded for shibboleth.AttributeFilterEngine
service, error creating components.  The root cause of this error was:
java.lang.IndexOutOfBoundsException: Index: 0, Size: 0
16:17:08.895 -  - TRACE
[edu.internet2.middleware.shibboleth.common.config.BaseService:191] -
Full stacktrace is:
org.opensaml.util.resource.ResourceException: Unable to load Spring
bean registry with configuration resources


Suggestions?  IDP 2.3.5 w/ oracle jave 1.6.0_29

Liam

More information about the users mailing list