Hello,

I'm trying to display a customized deny page whenever a (customized)
deny action is applicable from my policy. For this purpose I created a
policy extension with the following data:

Type: Action: Deny
Policy Type: Access Gateway: Authorization
Class Name:
com.novell.nam.custom.policy.action.CustomDenyFact ory;
File Name: CustomDeny

I configured this, and verified the policy is indeed executed by
adding:


Code:
--------------------
System.out.printf("Starting doAction...\n");
--------------------


to the doAction() method. Whenever I load a page that has the policy
configured 'Starting doAction...' appears in catalina.out.

So far, so good, however, it is not working. I seem to be unable to get
a deny, visits are always permitted, no matter what I try.

From my understanding below simplified version of the code should be
enough to deny a visit to a page. Is that true? Anyone has
some examples (obfuscated, even snippets, anything...) on how to deal
with this?

Thanks in advance!

CustomDeny.java :

Code:
--------------------


/*
* Custom Deny or Permit action
*/
package com.novell.nam.custom.policy.action;

import com.novell.nxpe.NxpeAction;
import com.novell.nxpe.NxpeException;
import com.novell.nxpe.NxpeInformationContext;
import com.novell.nxpe.NxpeParameter;
import com.novell.nxpe.NxpeParameterList;
import com.novell.nxpe.NxpeResponseContext;
import com.novell.nxpe.NxpeResult;

public class CustomDeny implements NxpeAction {

/**
* Unique string value for the action.
*/
private String interfaceID;

/** NxpeParameterList will be initialized during initialize() call */
private NxpeParameterList configurationValues;

/** NxpeInformationContext */
private NxpeInformationContext informationCtx;

/** NxpeResponseContext */
private NxpeResponseContext responseCtx;

/**
* Initialize the configuration values
*
* @required
* @param configurationValues
* :NxpeParameterList: The configuration parameters passed by
* policy engine are used to initialize the NxpeAction object
* and are the parameters that the extension needs for evaluating
* the condition.
*
* @throws com.novell.nxpe.NxpeException
*/
@Override
public void initialize(NxpeParameterList configurationValues) throws NxpeException {
this.configurationValues = configurationValues;
}

/**
* Sets the unique string value for the action
*/
@Override
public void setInterfaceId(String arg0) throws NxpeException {
this.interfaceID = arg0;
}

/**
* Perform the Permit or Deny action
*
* @required
*
*/
@Override
public NxpeResult doAction(NxpeInformationContext informationCtx, NxpeResponseContext responseCtx) throws NxpeException {

NxpeResult res = new NxpeResult(NxpeResult.Type.success, NxpeResult.Value.deny);
return res;

}
}


--------------------


CustomDenyFactory.java :


Code:
--------------------

package com.novell.nam.custom.policy.action;

import com.novell.nxpe.NxpeAction;
import com.novell.nxpe.NxpeActionFactory;
import com.novell.nxpe.NxpeException;

/**
* ActionFactory
*/
public class CustomDenyFactory implements NxpeActionFactory {

@Override
public NxpeAction getInstance() throws NxpeException {
return new CustomDeny();
}

}

--------------------


Kind regards,

Bas Dakkenhorst


--
basdakkenhorst
------------------------------------------------------------------------
basdakkenhorst's Profile: https://forums.netiq.com/member.php?userid=2664
View this thread: https://forums.netiq.com/showthread.php?t=44951