How to use a non-JDBC connector in a custom Policy Information Point (PIP)

Question

I want my custom Policy Information Point (PIP) to be able to connect to OpenStack Swift (an Object Storage application) thanks to this connector. The connector is able to retrieve metadata from an object, which would be sent back to the Policy Decision Point (PDP) when the right AttributeId is requested.
In our context, Swift holds information about our resources (objects here).

Below are all the steps I followed to try and use this connector in my custom PIP.

I got the connector to work locally (no integration with WSO2IS yet) following only the first 3 steps and calling the swift_test function in a debug-purposed main class.

I followed this guide to implement a custom PIP, which suggests using a database offering a JDBC driver (such as mariadb). My issue is that Swift does not offer a JDBC driver, hence the use of the openstack4j connector.
I added the needed openstack4j dependency to the maven project linked in the guide (here).
I also added the following imports to the extended class (named KMarketJDBCAttributeFinder in the guide):

package org.xacmlinfo.xacml.pip.jdbc;

import org.openstack4j.api.OSClient.OSClientV3;
import org.openstack4j.model.common.Identifier;
import org.openstack4j.model.storage.object.SwiftAccount;
import org.openstack4j.model.storage.object.SwiftContainer;
import org.openstack4j.model.storage.object.SwiftObject;
import org.openstack4j.model.storage.object.options.ObjectListOptions;
import org.openstack4j.openstack.OSFactory;

import org.wso2.carbon.identity.entitlement.pip.AbstractPIPAttributeFinder;
...

and this function to test and retrieve an object's metadata:

public void swift_test() {
  OSClientV3 os = OSFactory.builderV3()
    .endpoint(our_keystoneV3_url)
    .credentials(our_keystone_username, password, domain_identifier)
    .scopeToProject(Identifier.byName(our_tenant), Identifier.byName(our_domain))
    .authenticate();

  SwiftAccount account = os.objectStorage.account().get();
  Map<String, String> md = 
  os.objectStorage.objects().getMetadata("our_container", "our_object");
  System.out.println(md.toString());
}

which I call in the overriden getAttributeValues of the custom PIP class.

I then built the class using mvn package to generate the .jar which I copied in <IS_HOME>/repository/components/lib.
I downloaded all my dependencies using mvn dependency:copy-dependencies, and copied them all to the same <IS_HOME>/repository/components/lib folder.
I start the wso2is server, send a XACML request which involves calling my custom PIP, and see the following error in <IS_HOME>/repository/logs/wso2carbon.log:

ERROR {org.openstack4j.core.transport.internal.HttpExecutor} - No OpenStack4j connector found in classpath
ERROR {org.wso2.carbon.identity.entitlement.pip.CarbonAttributeFinder} - Error while retrieving attribute values from PIP attribute finder: org.openstack4j.api.exceptions.ConnectorNotFoundException: No OpenStack4j connector found in classpath
ERROR {org.wso2.balana.finder.AttributeFinder} - Error while trying to resolve values: Error while retrieving attribute values from PIP attribute finder: No OpenStack4j connector found in classpath

Our wso2is server, version 5.7.0 runs on a CentOS 7.6 VM.

My question is then: can we use this kind of connector in a custom PIP with wso2is? If so, how would I go about resolving the classpath issues between my dependencies?

P.S. : I previously added another custom PIP, connecting this time to a MariaDB database which is working well. The .jar I create when using mvn package contains both custom PIPs, and they are both recognized in the section "PDP > Extension" in the wso2is web interface.

Here is the list of dependencies obtained with the mvn command:

activation-1.1.1.jar
btf-1.2.jar
classworlds-1.1-alpha-2.jar
commons-codec-1.9.jar
commons-io-2.3.jar
commons-lang-2.6.jar
commons-logging-1.2.jar
guava-20.0.jar
httpclient-4.5.3.jar
httpcore-4.4.6.jar
jackson-annotations-2.7.0.jar
jackson-core-2.7.3.jar
jackson-core-asl-1.9.7.jar
jackson-coreutils-1.6.jar
jackson-databind-2.7.3.jar
jackson-dataformat-yaml-2.7.3.jar
jackson-jaxrs-base-2.7.3.jar
jackson-jaxrs-json-provider-2.7.3.jar
jackson-mapper-asl-1.9.7.jar
jackson-module-jaxb-annotations-2.7.3.jar
jboss-annotations-api_1.2_spec-1.0.0.Final.jar
jboss-jaxrs-api_2.0_spec-1.0.1.Beta1.jar
jboss-logging-3.3.0.Final.jar
jcip-annotations-1.0.jar
jcl-over-slf4j-1.7.2.jar
jdom2-2.0.6.jar
joss-0.10.2.jar
json-patch-1.9.jar
jsr305-2.0.0.jar
junit-3.8.1.jar
maven-artifact-2.0.jar
maven-compiler-plugin-2.0.jar
maven-plugin-api-2.0.jar
msg-simple-1.1.jar
openstack4j-3.1.0.jar
openstack4j-core-3.1.0.jar
openstack4j-resteasy-3.1.0.jar
org.wso2.carbon.identity.entitlement-4.2.0.jar
plexus-compiler-api-1.5.1.jar
plexus-compiler-javac-1.5.1.jar
plexus-compiler-manager-1.5.1.jar
plexus-container-default-1.0-alpha-8.jar
plexus-utils-1.0.4.jar
resteasy-client-3.1.4.Final.jar
resteasy-jaxrs-3.1.4.Final.jar
resteasy-jaxrs-services-3.1.4.Final.jar
slf4j-api-1.7.2.jar
snakeyaml-1.15.jar

Hello, you can find the errors I got right in step 6. in the post — jnamdar, Apr 23 '19 at 15:09
How would I go about modifying the classpath within the wso2is application? — jnamdar, Apr 23 '19 at 15:13
please share at least 1 full stack trace to see `caused by` section. also share the list of libraries you copied to `components/lib` folder — daggett, Apr 23 '19 at 15:28
I added the list of libraries in the question. I don't see anything else than the errors I copied from the log file in relation with my issue though — jnamdar, Apr 23 '19 at 15:51

How to use a non-JDBC connector in a custom Policy Information Point (PIP)

0 Answers0