[17/23] incubator-openaz git commit: Ported original att source to openaz

[pd...@apache.org]

http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/a1d93100/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/AttributeAssignment.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/AttributeAssignment.java b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/AttributeAssignment.java
new file mode 100644
index 0000000..344b7f8
--- /dev/null
+++ b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/AttributeAssignment.java
@@ -0,0 +1,94 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+
+package org.apache.openaz.xacml.admin.jpa;
+
+import java.io.Serializable;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.ManyToOne;
+import javax.persistence.NamedQuery;
+import javax.persistence.Table;
+
+
+/**
+ * The persistent class for the ObadviceExpressions database table.
+ * 
+ */
+@Entity
+@Table(name="AttributeAssignment")
+@NamedQuery(name="AttributeAssignment.findAll", query="SELECT a FROM AttributeAssignment a")
+public class AttributeAssignment implements Serializable {
+	private static final long serialVersionUID = 1L;
+
+	public static final String EXPRESSION_APPLY = "Apply";
+	public static final String EXPRESSION_SELECTOR = "AttributeSelector";
+	public static final String EXPRESSION_VALUE = "AttributeValue";
+	public static final String EXPRESSION_FUNCTION = "Function";
+	public static final String EXPRESSION_REFERENCE = "VarableReference";
+	public static final String EXPRESSION_DESIGNATOR = "AttributeDesignator";
+
+	@Id
+	@GeneratedValue(strategy = GenerationType.AUTO)
+	@Column(name="id")
+	private int id;
+
+	@Column(name="attribute_id")
+	private int attributeId;
+
+	//bi-directional many-to-one association to Obadvice
+	@Column(name="expression", nullable=false)
+	private String expression;
+
+	//bi-directional many-to-one association to Obadvice
+	@ManyToOne
+	private Obadvice obadvice; //NOPMD
+
+	public AttributeAssignment() {
+	}
+
+	public int getId() {
+		return this.id;
+	}
+
+	public void setId(int id) {
+		this.id = id;
+	}
+
+	public int getAttributeId() {
+		return this.attributeId;
+	}
+
+	public void setAttributeId(int attributeId) {
+		this.attributeId = attributeId;
+	}
+
+	public String getExpression() {
+		return expression;
+	}
+
+	public void setExpression(String expression) {
+		this.expression = expression;
+	}
+}

http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/a1d93100/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/Category.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/Category.java b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/Category.java
new file mode 100644
index 0000000..fdcbd3d
--- /dev/null
+++ b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/Category.java
@@ -0,0 +1,216 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+
+package org.apache.openaz.xacml.admin.jpa;
+
+import java.io.Serializable;
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.NamedQuery;
+import javax.persistence.OneToMany;
+import javax.persistence.Table;
+import javax.persistence.Transient;
+
+import org.apache.openaz.xacml.api.Identifier;
+import org.apache.openaz.xacml.api.XACML3;
+import org.apache.openaz.xacml.std.IdentifierImpl;
+
+
+/**
+ * The persistent class for the Categories database table.
+ * 
+ */
+@Entity
+@Table(name="Category")
+@NamedQuery(name="Category.findAll", query="SELECT c FROM Category c")
+public class Category implements Serializable {
+	private static final long serialVersionUID = 1L;
+	
+	public static final char STANDARD = 'S';
+	public static final char CUSTOM = 'C';
+
+	@Id
+	@GeneratedValue(strategy = GenerationType.AUTO)
+	@Column(name="id")
+	private int id;
+
+	@Column(name="grouping", nullable=false, length=64)
+	private String grouping;
+
+	@Column(name="is_standard", nullable=false)
+	private char isStandard;
+
+	@Column(name="xacml_id", nullable=false, unique=true, length=255)
+	private String xacmlId;
+	
+	@Column(name="short_name", nullable=false, length=64)
+	private String shortName;
+	
+	//bi-directional many-to-one association to Attribute
+	@OneToMany(mappedBy="categoryBean")
+	private Set<Attribute> attributes = new HashSet<>();
+
+	public Category() {
+		this.xacmlId = XACML3.ID_SUBJECT_CATEGORY_ACCESS_SUBJECT.stringValue();
+		this.grouping = "subject";
+		this.isStandard = Category.STANDARD;
+		this.shortName = "subject";
+	}
+
+	public Category(Identifier cat, String grouping, char isStandard) {
+		if (cat != null) {
+			this.xacmlId = cat.stringValue();
+		}
+		this.isStandard = isStandard;
+		if (grouping != null) {
+			this.grouping = grouping;
+		} else {
+			this.grouping = Category.extractGrouping(this.xacmlId);
+		}
+	}
+
+	public Category(Identifier cat, String grouping) {
+		this(cat, grouping, Category.STANDARD);
+	}
+
+	public Category(Identifier cat, char standard) {
+		this(cat, null, standard);
+	}
+
+	public Category(Identifier cat) {
+		this(cat, Category.STANDARD);
+	}
+
+	public int getId() {
+		return this.id;
+	}
+
+	public void setId(int id) {
+		this.id = id;
+	}
+
+	public String getGrouping() {
+		return this.grouping;
+	}
+
+	public void setGrouping(String grouping) {
+		this.grouping = grouping;
+	}
+
+	public char getIsStandard() {
+		return this.isStandard;
+	}
+
+	public void setIsStandard(char isStandard) {
+		this.isStandard = isStandard;
+	}
+
+	public String getXacmlId() {
+		return this.xacmlId;
+	}
+
+	public void setXacmlId(String xacmlId) {
+		this.xacmlId = xacmlId;
+	}
+
+	public String getShortName() {
+		return this.shortName;
+	}
+
+	public void setShortName(String shortName) {
+		this.shortName = shortName;
+	}
+
+	public Set<Attribute> getAttributes() {
+		return this.attributes;
+	}
+
+	public void setAttributes(Set<Attribute> attributes) {
+		this.attributes = attributes;
+	}
+
+	public Attribute addAttribute(Attribute attribute) {
+		getAttributes().add(attribute);
+		attribute.setCategoryBean(this);
+
+		return attribute;
+	}
+
+	public Attribute removeAttribute(Attribute attribute) {
+		getAttributes().remove(attribute);
+		attribute.setCategoryBean(null);
+
+		return attribute;
+	}
+
+	@Transient
+	public boolean isStandard() {
+		return this.isStandard == Category.STANDARD;
+	}
+	
+	@Transient
+	public boolean isCustom() {
+		return this.isStandard == Category.CUSTOM;
+	}
+	
+	@Transient
+	public static String	extractGrouping(String xacmlId) {
+		if (xacmlId == null) {
+			return null;
+		}
+		if (xacmlId.matches(".*:attribute\\-category:.*")) {
+			String[] parts = xacmlId.split("[:]");
+			if (parts != null && parts.length > 0) {
+				return parts[parts.length - 1];
+			}
+		} else if (xacmlId.matches(".*:[a-zA-Z]+[\\-]category:.*")) {
+			String[] parts = xacmlId.split("[:]");
+			if (parts != null && parts.length > 0) {
+				for (String part : parts) {
+					int index = part.indexOf("-category");
+					if (index > 0) {
+						return part.substring(0, index);
+					}
+				}
+			}
+		}
+		return null;
+	}
+	
+	@Transient
+	public Identifier getIdentifer() {
+		return new IdentifierImpl(this.xacmlId);
+	}
+
+	@Transient
+	@Override
+	public String toString() {
+		return "Category [id=" + id + ", grouping=" + grouping
+				+ ", isStandard=" + isStandard + ", xacmlId=" + xacmlId
+				+ ", attributes=" + attributes + "]";
+	}
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/a1d93100/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/ConstraintType.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/ConstraintType.java b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/ConstraintType.java
new file mode 100644
index 0000000..14b9008
--- /dev/null
+++ b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/ConstraintType.java
@@ -0,0 +1,117 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+
+package org.apache.openaz.xacml.admin.jpa;
+
+import java.io.Serializable;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.NamedQuery;
+import javax.persistence.OneToMany;
+import javax.persistence.Table;
+
+@Entity
+@Table(name="ConstraintType")
+@NamedQuery(name="ConstraintType.findAll", query="SELECT a FROM ConstraintType a")
+public class ConstraintType implements Serializable {
+	private static final long serialVersionUID = 1L;
+	
+	public static String ENUMERATION_TYPE = "Enumeration";
+	public static String RANGE_TYPE = "Range";
+	public static String REGEXP_TYPE = "Regular Expression";
+	
+	public static Map<String, String> defaults = new HashMap<String, String>();
+	static {
+		defaults.put(ENUMERATION_TYPE, "Enumerate a set of values that the attribute may be set to during policy creation.");
+		defaults.put(RANGE_TYPE, "Set a range of min and/or max integer/double values the attribute can be set to during policy creation.");
+		defaults.put(REGEXP_TYPE, "Define a regular expression the attribute must match against during policy creation.");
+	}
+	public static final String[] RANGE_TYPES = {"minExclusive", "minInclusive", "maxExclusive", "maxInclusive"};
+	
+	@Id
+	@GeneratedValue(strategy = GenerationType.AUTO)
+	@Column(name="id")
+	private int id;
+
+	@Column(name="constraint_type", nullable=false, length=64)
+	private String constraintType;
+	
+	@Column(name="description", nullable=false, length=255)
+	private String description;
+
+	//bi-directional many-to-one association to Attribute
+	@OneToMany(mappedBy="constraintType")
+	private Set<Attribute> attributes = new HashSet<>();
+
+	public ConstraintType() {
+		
+	}
+
+	public ConstraintType(String constraintType) {
+		this();
+		this.constraintType = constraintType;
+	}
+	
+	public ConstraintType(String constraintType, String description) {
+		this(constraintType);
+		this.description = description;
+	}
+
+	public int getId() {
+		return id;
+	}
+
+	public void setId(int id) {
+		this.id = id;
+	}
+
+	public String getConstraintType() {
+		return constraintType;
+	}
+
+	public void setConstraintType(String constraintType) {
+		this.constraintType = constraintType;
+	}
+
+	public String getDescription() {
+		return description;
+	}
+
+	public void setDescription(String description) {
+		this.description = description;
+	}
+
+	public Set<Attribute> getAttributes() {
+		return attributes;
+	}
+
+	public void setAttributes(Set<Attribute> attributes) {
+		this.attributes = attributes;
+	}
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/a1d93100/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/ConstraintValue.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/ConstraintValue.java b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/ConstraintValue.java
new file mode 100644
index 0000000..e1f66d4
--- /dev/null
+++ b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/ConstraintValue.java
@@ -0,0 +1,116 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+
+package org.apache.openaz.xacml.admin.jpa;
+
+import java.io.Serializable;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.JoinColumn;
+import javax.persistence.ManyToOne;
+import javax.persistence.NamedQuery;
+import javax.persistence.Table;
+
+
+/**
+ * The persistent class for the ConstraintValues database table.
+ * 
+ */
+@Entity
+@Table(name="ConstraintValues")
+@NamedQuery(name="ConstraintValue.findAll", query="SELECT c FROM ConstraintValue c")
+public class ConstraintValue implements Serializable {
+	private static final long serialVersionUID = 1L;
+
+	@Id
+	@GeneratedValue(strategy = GenerationType.AUTO)
+	@Column(name="id")
+	private int id;
+
+	@Column(name="property")
+	private String property;
+
+	@Column(name="value")
+	private String value;
+
+	//bi-directional many-to-one association to Attribute
+	@ManyToOne
+	@JoinColumn(name="attribute_id")
+	private Attribute attribute;
+
+	public ConstraintValue() {
+	}
+
+	public ConstraintValue(String property, String value) {
+		this.property = property;
+		this.value = value;
+	}
+	
+	public ConstraintValue(ConstraintValue value) {
+		this.property = value.getProperty();
+		this.value = value.getValue();
+	}
+
+	public int getId() {
+		return this.id;
+	}
+
+	public void setId(int id) {
+		this.id = id;
+	}
+
+	public String getProperty() {
+		return this.property;
+	}
+
+	public void setProperty(String property) {
+		this.property = property;
+	}
+
+	public String getValue() {
+		return this.value;
+	}
+
+	public void setValue(String value) {
+		this.value = value;
+	}
+
+	public Attribute getAttribute() {
+		return this.attribute;
+	}
+
+	public void setAttribute(Attribute attribute) {
+		this.attribute = attribute;
+	}
+	
+	public ConstraintValue clone() {
+		ConstraintValue constraint = new ConstraintValue();
+		
+		constraint.property = this.property;
+		constraint.value = this.value;
+		constraint.attribute = this.attribute;
+		
+		return constraint;
+	}
+}

http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/a1d93100/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/Datatype.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/Datatype.java b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/Datatype.java
new file mode 100644
index 0000000..50d4488
--- /dev/null
+++ b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/Datatype.java
@@ -0,0 +1,230 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+
+package org.apache.openaz.xacml.admin.jpa;
+
+import java.io.Serializable;
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.NamedQuery;
+import javax.persistence.OneToMany;
+import javax.persistence.Table;
+import javax.persistence.Transient;
+
+import org.apache.openaz.xacml.api.Identifier;
+import org.apache.openaz.xacml.api.XACML3;
+import org.apache.openaz.xacml.std.IdentifierImpl;
+
+
+/**
+ * The persistent class for the Datatype database table.
+ * 
+ */
+@Entity
+@Table(name="Datatype")
+@NamedQuery(name="Datatype.findAll", query="SELECT d FROM Datatype d")
+public class Datatype implements Serializable {
+	private static final long serialVersionUID = 1L;
+	
+	public static final char STANDARD = 'S';
+	public static final char CUSTOM = 'C';
+
+	@Id
+	@GeneratedValue(strategy = GenerationType.AUTO)
+	@Column(name="id")
+	private int id;
+
+	@Column(name="is_standard", nullable=false)
+	private char isStandard;
+
+	@Column(name="xacml_id", nullable=false, unique=true, length=255)
+	private String xacmlId;
+
+	@Column(name="short_name", nullable=false, length=64)
+	private String shortName;
+
+	//bi-directional many-to-one association to Attribute
+	@OneToMany(mappedBy="datatypeBean")
+	private Set<Attribute> attributes = new HashSet<>();
+
+	//bi-directional many-to-one association to Attribute
+	@OneToMany(mappedBy="datatypeBean")
+	private Set<FunctionDefinition> functions = new HashSet<>();
+
+	//bi-directional many-to-one association to Attribute
+	@OneToMany(mappedBy="datatypeBean")
+	private Set<FunctionArgument> arguments = new HashSet<>();
+
+	public Datatype() {
+		this.xacmlId = XACML3.ID_DATATYPE_STRING.stringValue();
+		this.isStandard = Datatype.STANDARD;
+	}
+	
+	public Datatype(int id, Datatype dt) {
+		this.id = id;
+		this.isStandard = dt.isStandard;
+		this.xacmlId = dt.xacmlId;
+		this.shortName = dt.shortName;
+		//
+		// Make a copy?
+		//
+		this.attributes = new HashSet<>();
+	}
+	
+	public Datatype(Identifier identifier, char standard) {
+		if (identifier != null) {
+			this.xacmlId = identifier.stringValue();
+		}
+		this.isStandard = standard;
+	}
+	
+	public Datatype(Identifier identifier) {
+		this(identifier, Datatype.STANDARD);
+	}
+	
+	public int getId() {
+		return this.id;
+	}
+
+	public void setId(int id) {
+		this.id = id;
+	}
+
+	public char getIsStandard() {
+		return this.isStandard;
+	}
+
+	public void setIsStandard(char isStandard) {
+		this.isStandard = isStandard;
+	}
+
+	public String getXacmlId() {
+		return this.xacmlId;
+	}
+
+	public void setXacmlId(String xacmlId) {
+		this.xacmlId = xacmlId;
+	}
+
+	public String getShortName() {
+		return shortName;
+	}
+
+	public void setShortName(String shortName) {
+		this.shortName = shortName;
+	}	
+
+	public Set<Attribute> getAttributes() {
+		return this.attributes;
+	}
+
+	public void setAttributes(Set<Attribute> attributes) {
+		this.attributes = attributes;
+	}
+
+	public Attribute addAttribute(Attribute attribute) {
+		getAttributes().add(attribute);
+		attribute.setDatatypeBean(this);
+
+		return attribute;
+	}
+
+	public Attribute removeAttribute(Attribute attribute) {
+		getAttributes().remove(attribute);
+		attribute.setDatatypeBean(null);
+
+		return attribute;
+	}
+
+	public Set<FunctionDefinition> getFunctions() {
+		return this.functions;
+	}
+
+	public void setFunctions(Set<FunctionDefinition> functions) {
+		this.functions = functions;
+	}
+
+	public FunctionDefinition addFunction(FunctionDefinition function) {
+		getFunctions().add(function);
+		function.setDatatypeBean(this);
+
+		return function;
+	}
+
+	public FunctionDefinition removeAttribute(FunctionDefinition function) {
+		getFunctions().remove(function);
+		function.setDatatypeBean(null);
+
+		return function;
+	}
+
+	public Set<FunctionArgument> getArguments() {
+		return this.arguments;
+	}
+
+	public void setArguments(Set<FunctionArgument> argument) {
+		this.arguments = argument;
+	}
+
+	public FunctionArgument addArgument(FunctionArgument argument) {
+		getArguments().add(argument);
+		argument.setDatatypeBean(this);
+
+		return argument;
+	}
+
+	public FunctionArgument removeArgument(FunctionArgument argument) {
+		getArguments().remove(argument);
+		argument.setDatatypeBean(null);
+
+		return argument;
+	}
+
+	@Transient
+	public Identifier getIdentifer() {
+		return new IdentifierImpl(this.xacmlId);
+	}
+
+	@Transient
+	public boolean isStandard() {
+		return this.isStandard == Datatype.STANDARD;
+	}
+	
+	@Transient
+	public boolean isCustom() {
+		return this.isStandard == Datatype.CUSTOM;
+	}
+	
+	@Transient
+	@Override
+	public String toString() {
+		return "Datatype [id=" + id + ", isStandard=" + isStandard
+				+ ", xacmlId=" + xacmlId + ", shortName=" + shortName
+				+ ", attributes=" + attributes + ", functions=" + functions
+				+ ", arguments=" + arguments + "]";
+	}
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/a1d93100/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/FunctionArgument.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/FunctionArgument.java b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/FunctionArgument.java
new file mode 100644
index 0000000..109e26d
--- /dev/null
+++ b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/FunctionArgument.java
@@ -0,0 +1,122 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+
+package org.apache.openaz.xacml.admin.jpa;
+
+import java.io.Serializable;
+
+import javax.persistence.*;
+
+
+/**
+ * The persistent class for the FunctionArguments database table.
+ * 
+ */
+@Entity
+@Table(name="FunctionArguments")
+@NamedQuery(name="FunctionArgument.findAll", query="SELECT f FROM FunctionArgument f")
+public class FunctionArgument implements Serializable {
+	private static final long serialVersionUID = 1L;
+
+	@Id
+	@GeneratedValue(strategy=GenerationType.AUTO)
+	@Column(name="id")
+	private int id;
+
+	@Column(name="is_bag", nullable=false)
+	private int isBag;
+
+	//bi-directional many-to-one association to FunctionDefinition
+	@ManyToOne
+	@JoinColumn(name="function_id")
+	private FunctionDefinition functionDefinition;
+
+	@Column(name="arg_index", nullable=false)
+	private int argIndex;
+
+	//bi-directional many-to-one association to Datatype
+	@ManyToOne
+	@JoinColumn(name="datatype_id")
+	private Datatype datatypeBean;
+
+	public FunctionArgument() {
+	}
+
+	public FunctionArgument(final FunctionArgument argument) {
+		this.argIndex = argument.argIndex;
+		this.datatypeBean = argument.datatypeBean;
+		this.isBag = argument.isBag;
+		this.functionDefinition = argument.functionDefinition;
+	}
+
+	public int getId() {
+		return this.id;
+	}
+
+	public void setId(int id) {
+		this.id = id;
+	}
+
+	public int getArgIndex() {
+		return this.argIndex;
+	}
+
+	public void setArgIndex(int argIndex) {
+		this.argIndex = argIndex;
+	}
+
+	public Datatype getDatatypeBean() {
+		return this.datatypeBean;
+	}
+
+	public void setDatatypeBean(Datatype datatypeBean) {
+		this.datatypeBean = datatypeBean;
+	}
+
+	public FunctionDefinition getFunctionDefinition() {
+		return this.functionDefinition;
+	}
+
+	public int getIsBag() {
+		return isBag;
+	}
+
+	public void setIsBag(int isBag) {
+		this.isBag = isBag;
+	}
+
+	public void setFunctionDefinition(FunctionDefinition functionDefinition) {
+		this.functionDefinition = functionDefinition;
+	}
+
+	@Transient
+	@Override
+	public String toString() {
+		return "FunctionArgument [id=" + id + ", argIndex=" + argIndex
+				+ ", datatypeBean=" + datatypeBean + ", isBag=" + isBag
+				+ ", functionDefinition=" + functionDefinition + "]";
+	}
+	
+	@Transient
+	public boolean isBag() {
+		return this.isBag == 1;
+	}
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/a1d93100/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/FunctionDefinition.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/FunctionDefinition.java b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/FunctionDefinition.java
new file mode 100644
index 0000000..fc0cc91
--- /dev/null
+++ b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/FunctionDefinition.java
@@ -0,0 +1,217 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+
+package org.apache.openaz.xacml.admin.jpa;
+
+import java.io.Serializable;
+
+import javax.persistence.*;
+
+import java.util.List;
+
+
+/**
+ * The persistent class for the FunctionDefinition database table.
+ * 
+ */
+@Entity
+@Table(name="FunctionDefinition")
+@NamedQuery(name="FunctionDefinition.findAll", query="SELECT f FROM FunctionDefinition f")
+public class FunctionDefinition implements Serializable {
+	private static final long serialVersionUID = 1L;
+
+	@Id
+	@GeneratedValue(strategy=GenerationType.AUTO)
+	@Column(name="id")
+	private int id;
+
+	@Column(name="short_name", nullable=false, length=64)
+	private String shortname;
+
+	@Column(name="xacml_id", nullable=false, length=255)
+	private String xacmlid;
+	
+	//bi-directional many-to-one association to Datatype
+	@ManyToOne
+	@JoinColumn(name="return_datatype", nullable=true)
+	private Datatype datatypeBean;
+
+	@Column(name="is_bag_return", nullable=false)
+	private int isBagReturn;
+	
+	@Column(name="is_higher_order", nullable=false)
+	private int isHigherOrder;
+
+	@Column(name="arg_lb", nullable=false)
+	private int argLb;
+
+	@Column(name="arg_ub", nullable=false)
+	private int argUb;
+
+	@Column(name="ho_arg_lb", nullable=true)
+	private int higherOrderArg_LB;
+	
+	@Column(name="ho_arg_ub", nullable=true)
+	private int higherOrderArg_UB;
+	
+	@Column(name="ho_primitive", nullable=true)
+	private char higherOrderIsPrimitive;
+
+	//bi-directional many-to-one association to FunctionArgument
+	@OneToMany(mappedBy="functionDefinition")
+	private List<FunctionArgument> functionArguments;
+
+	public FunctionDefinition() {
+	}
+
+	public int getId() {
+		return this.id;
+	}
+
+	public void setId(int id) {
+		this.id = id;
+	}
+
+	public int getArgLb() {
+		return this.argLb;
+	}
+
+	public void setArgLb(int argLb) {
+		this.argLb = argLb;
+	}
+
+	public int getArgUb() {
+		return this.argUb;
+	}
+
+	public void setArgUb(int argUb) {
+		this.argUb = argUb;
+	}
+
+	public int getIsBagReturn() {
+		return isBagReturn;
+	}
+
+	public void setIsBagReturn(int isBagReturn) {
+		this.isBagReturn = isBagReturn;
+	}
+
+	public int getIsHigherOrder() {
+		return isHigherOrder;
+	}
+
+	public void setIsHigherOrder(int isHigherOrder) {
+		this.isHigherOrder = isHigherOrder;
+	}
+
+	public Datatype getDatatypeBean() {
+		return this.datatypeBean;
+	}
+
+	public void setDatatypeBean(Datatype datatypeBean) {
+		this.datatypeBean = datatypeBean;
+	}
+
+	public String getShortname() {
+		return this.shortname;
+	}
+
+	public void setShortname(String shortname) {
+		this.shortname = shortname;
+	}
+
+	public String getXacmlid() {
+		return this.xacmlid;
+	}
+
+	public void setXacmlid(String xacmlid) {
+		this.xacmlid = xacmlid;
+	}
+
+	public int getHigherOrderArg_LB() {
+		return higherOrderArg_LB;
+	}
+
+	public void setHigherOrderArg_LB(int higherOrderArg_LB) {
+		this.higherOrderArg_LB = higherOrderArg_LB;
+	}
+
+	public int getHigherOrderArg_UB() {
+		return higherOrderArg_UB;
+	}
+
+	public void setHigherOrderArg_UB(int higherOrderArg_UB) {
+		this.higherOrderArg_UB = higherOrderArg_UB;
+	}
+
+	public char getHigherOrderIsPrimitive() {
+		return higherOrderIsPrimitive;
+	}
+
+	public void setHigherOrderIsPrimitive(char higherOrderIsPrimitive) {
+		this.higherOrderIsPrimitive = higherOrderIsPrimitive;
+	}
+
+	public List<FunctionArgument> getFunctionArguments() {
+		return this.functionArguments;
+	}
+
+	public void setFunctionArguments(List<FunctionArgument> functionArguments) {
+		this.functionArguments = functionArguments;
+	}
+
+	public FunctionArgument addFunctionArgument(FunctionArgument functionArgument) {
+		getFunctionArguments().add(functionArgument);
+		functionArgument.setFunctionDefinition(this);
+
+		return functionArgument;
+	}
+
+	public FunctionArgument removeFunctionArgument(FunctionArgument functionArgument) {
+		getFunctionArguments().remove(functionArgument);
+		functionArgument.setFunctionDefinition(null);
+
+		return functionArgument;
+	}
+
+	@Transient
+	@Override
+	public String toString() {
+		return "FunctionDefinition [id=" + id + ", argLb=" + argLb + ", argUb="
+				+ argUb + ", isBagReturn=" + isBagReturn + ", isHigherOrder="
+				+ isHigherOrder + ", datatypeBean=" + datatypeBean
+				+ ", shortname=" + shortname + ", xacmlid=" + xacmlid
+				+ ", higherOrderArg_LB=" + higherOrderArg_LB
+				+ ", higherOrderArg_UB=" + higherOrderArg_UB
+				+ ", higherOrderIsPrimitive=" + higherOrderIsPrimitive
+				+ ", functionArguments=" + functionArguments + "]";
+	}
+
+	@Transient
+	public boolean isBagReturn() {
+		return this.isBagReturn == 1;
+	}
+
+	@Transient
+	public boolean isHigherOrder() {
+		return this.isHigherOrder == 1;
+	}
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/a1d93100/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/Obadvice.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/Obadvice.java b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/Obadvice.java
new file mode 100644
index 0000000..cda5802
--- /dev/null
+++ b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/Obadvice.java
@@ -0,0 +1,227 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+
+package org.apache.openaz.xacml.admin.jpa;
+
+import java.io.Serializable;
+import java.util.Date;
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.persistence.CascadeType;
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.NamedQuery;
+import javax.persistence.OneToMany;
+import javax.persistence.PrePersist;
+import javax.persistence.PreUpdate;
+import javax.persistence.Table;
+import javax.persistence.Temporal;
+import javax.persistence.TemporalType;
+import javax.persistence.Transient;
+
+import org.apache.openaz.xacml.api.Identifier;
+
+/**
+ * The persistent class for the Obadvice database table.
+ * 
+ */
+@Entity
+@Table(name="Obadvice")
+@NamedQuery(name="Obadvice.findAll", query="SELECT o FROM Obadvice o")
+public class Obadvice implements Serializable {
+	private static final long serialVersionUID = 1L;
+
+	public static final String OBLIGATION = "Obligation";
+	public static final String ADVICE = "Advice";
+	public static final String EFFECT_PERMIT = "Permit";
+	public static final String EFFECT_DENY = "Deny";
+	@Id
+	@GeneratedValue(strategy = GenerationType.AUTO)
+	@Column(name="id")
+	private int id;
+
+	@Column(name="type", nullable=false)
+	private String type;
+
+	@Column(name="xacml_id", nullable=false, length=255)
+	private String xacmlId;
+
+	@Column(name="fulfill_on", nullable=true, length=32)
+	private String fulfillOn;
+
+	@Column(name="description", nullable=true, length=2048)
+	private String description;
+
+	//bi-directional one-to-many association to Attribute Assignment
+	@OneToMany(mappedBy="obadvice", orphanRemoval=true, cascade=CascadeType.REMOVE)
+	private Set<ObadviceExpression> obadviceExpressions = new HashSet<ObadviceExpression>(2);
+
+	@Column(name="created_by", nullable=false, length=255)
+	private String createdBy;
+
+	@Temporal(TemporalType.TIMESTAMP)
+	@Column(name="created_date", nullable=false, updatable=false)
+	private Date createdDate; //NOPMD
+
+	@Column(name="modified_by", nullable=false, length=255)
+	private String modifiedBy;
+
+	@Temporal(TemporalType.TIMESTAMP)
+	@Column(name="modified_date", nullable=false)
+	private Date modifiedDate; //NOPMD
+
+	public Obadvice() {
+		this.type = Obadvice.OBLIGATION;
+		this.fulfillOn = Obadvice.EFFECT_PERMIT;
+	}
+	
+	public Obadvice(String domain, String userid) {
+		this.xacmlId = domain;
+		this.type = Obadvice.OBLIGATION;
+		this.fulfillOn = Obadvice.EFFECT_PERMIT;
+		this.createdBy = userid;
+		this.modifiedBy = userid;
+	}
+
+	public Obadvice(Identifier id, String userid) {
+		this(id.stringValue(), userid);
+	}
+
+	@PrePersist
+	public void	prePersist() {
+		Date date = new Date();
+		this.createdDate = date;
+		this.modifiedDate = date;
+	}
+	
+	@PreUpdate
+	public void preUpdate() {
+		this.modifiedDate = new Date();
+	}
+
+	public int getId() {
+		return this.id;
+	}
+
+	public void setId(int id) {
+		this.id = id;
+	}
+
+	public String getCreatedBy() {
+		return this.createdBy;
+	}
+
+	public void setCreatedBy(String createdBy) {
+		this.createdBy = createdBy;
+	}
+
+	public String getDescription() {
+		return this.description;
+	}
+
+	public void setDescription(String description) {
+		this.description = description;
+	}
+
+	public String getFulfillOn() {
+		return this.fulfillOn;
+	}
+
+	public void setFulfillOn(String fulfillOn) {
+		this.fulfillOn = fulfillOn;
+	}
+
+	public String getModifiedBy() {
+		return this.modifiedBy;
+	}
+
+	public void setModifiedBy(String modifiedBy) {
+		this.modifiedBy = modifiedBy;
+	}
+
+	public String getType() {
+		return this.type;
+	}
+
+	public void setType(String type) {
+		this.type = type;
+	}
+
+	public String getXacmlId() {
+		return this.xacmlId;
+	}
+
+	public void setXacmlId(String xacmlId) {
+		this.xacmlId = xacmlId;
+	}
+
+	public Set<ObadviceExpression> getObadviceExpressions() {
+		return this.obadviceExpressions;
+	}
+
+	public void setObadviceExpressions(Set<ObadviceExpression> obadviceExpressions) {
+		this.obadviceExpressions = obadviceExpressions;
+	}
+
+	public ObadviceExpression addObadviceExpression(ObadviceExpression obadviceExpression) {
+		this.obadviceExpressions.add(obadviceExpression);
+		obadviceExpression.setObadvice(this);
+
+		return obadviceExpression;
+	}
+
+	public ObadviceExpression removeObadviceExpression(ObadviceExpression obadviceExpression) {
+		this.obadviceExpressions.remove(obadviceExpression);
+		obadviceExpression.setObadvice(null);
+
+		return obadviceExpression;
+	}
+	
+	public void removeAllExpressions() {
+		if (this.obadviceExpressions == null) {
+			return;
+		}
+		for (ObadviceExpression expression : this.obadviceExpressions) {
+			expression.setObadvice(null);
+		}
+		this.obadviceExpressions.clear();
+	}
+
+	@Transient
+	public Obadvice clone() {
+		Obadvice obadvice = new Obadvice();
+		
+		obadvice.type = this.type;
+		obadvice.xacmlId = this.xacmlId;
+		obadvice.fulfillOn = this.fulfillOn;
+		obadvice.description = this.description;
+		obadvice.createdBy = this.createdBy;
+		obadvice.modifiedBy = this.modifiedBy;
+		for (ObadviceExpression exp: this.obadviceExpressions) {
+			obadvice.addObadviceExpression(exp.clone());
+		}
+
+		return obadvice;
+	}
+}

http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/a1d93100/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/ObadviceExpression.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/ObadviceExpression.java b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/ObadviceExpression.java
new file mode 100644
index 0000000..2a79639
--- /dev/null
+++ b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/ObadviceExpression.java
@@ -0,0 +1,124 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+
+package org.apache.openaz.xacml.admin.jpa;
+
+import java.io.Serializable;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.JoinColumn;
+// import javax.persistence.Lob;
+import javax.persistence.ManyToOne;
+import javax.persistence.NamedQuery;
+import javax.persistence.OneToOne;
+import javax.persistence.Table;
+
+
+/**
+ * The persistent class for the ObadviceExpressions database table.
+ * 
+ */
+@Entity
+@Table(name="ObadviceExpressions")
+@NamedQuery(name="ObadviceExpression.findAll", query="SELECT o FROM ObadviceExpression o")
+public class ObadviceExpression implements Serializable {
+	private static final long serialVersionUID = 1L;
+
+	public static final String EXPRESSION_APPLY = "Apply";
+	public static final String EXPRESSION_SELECTOR = "Attribute Selector";
+	public static final String EXPRESSION_VALUE = "Attribute Value";
+	public static final String EXPRESSION_FUNCTION = "Function";
+	public static final String EXPRESSION_REFERENCE = "Varable Reference";
+	public static final String EXPRESSION_DESIGNATOR = "Attribute Designator";
+
+	@Id
+	@GeneratedValue(strategy = GenerationType.AUTO)
+	@Column(name="id")
+	private int id;
+
+	//unidirectional one-to-one association to Attribute
+	@OneToOne
+	@JoinColumn(name="attribute_id")
+	private Attribute attribute;
+
+	@Column(name="type", nullable=false)
+	private String type;
+	
+	/*
+	@Lob
+	@Column(name="expression", nullable=false)
+	private byte[] expression;
+	*/
+
+	//bi-directional many-to-one association to Obadvice
+	@ManyToOne
+	@JoinColumn(name="obadvice_id")
+	private Obadvice obadvice;
+
+	public ObadviceExpression() {
+		type = EXPRESSION_VALUE;
+	}
+
+	public int getId() {
+		return this.id;
+	}
+
+	public void setId(int id) {
+		this.id = id;
+	}
+
+	public Attribute getAttribute() {
+		return this.attribute;
+	}
+
+	public void setAttribute(Attribute attribute) {
+		this.attribute = attribute;
+	}
+
+	public String getType() {
+		return this.type;
+	}
+
+	public void setType(String type) {
+		this.type = type;
+	}
+
+	public Obadvice getObadvice() {
+		return this.obadvice;
+	}
+
+	public void setObadvice(Obadvice obadvice) {
+		this.obadvice = obadvice;
+	}
+
+	public ObadviceExpression clone() {
+		ObadviceExpression expression = new ObadviceExpression();
+		
+		expression.attribute = this.attribute;
+		expression.type = this.type;
+		expression.obadvice = this.obadvice;
+		
+		return expression;
+	}
+}

http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/a1d93100/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PIPConfigParam.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PIPConfigParam.java b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PIPConfigParam.java
new file mode 100644
index 0000000..a4c4a16
--- /dev/null
+++ b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PIPConfigParam.java
@@ -0,0 +1,147 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+
+package org.apache.openaz.xacml.admin.jpa;
+
+import java.io.Serializable;
+
+import javax.persistence.*;
+
+
+/**
+ * The persistent class for the PIPConfigParams database table.
+ * 
+ */
+@Entity
+@Table(name="PIPConfigParams")
+@NamedQuery(name="PIPConfigParam.findAll", query="SELECT p FROM PIPConfigParam p")
+public class PIPConfigParam implements Serializable {
+	private static final long serialVersionUID = 1L;
+
+	@Id
+	@GeneratedValue(strategy=GenerationType.AUTO)
+	@Column(name="id")
+	private int id;
+
+	@Column(name="PARAM_NAME", nullable=false, length=1024)
+	private String paramName;
+
+	@Column(name="PARAM_VALUE", nullable=false, length=2048)
+	private String paramValue;
+
+	@Column(name="PARAM_DEFAULT", nullable=true, length=2048)
+	private String paramDefault = null;
+	
+	@Column(name="REQUIRED", nullable=false)
+	private char required = '0';
+
+	//bi-directional many-to-one association to PIPConfiguration
+	@ManyToOne
+	@JoinColumn(name="PIP_ID")
+	private PIPConfiguration pipconfiguration;
+
+	public PIPConfigParam() {
+	}
+
+	public PIPConfigParam(String param) {
+		this.paramName = param;
+	}
+
+	public PIPConfigParam(String param, String value) {
+		this(param);
+		this.paramValue = value;
+	}
+
+	public PIPConfigParam(PIPConfigParam param) {
+		this(param.getParamName(), param.getParamValue());
+		this.paramDefault = param.getParamDefault();
+		this.required = param.required;
+	}
+
+	public int getId() {
+		return this.id;
+	}
+
+	public void setId(int id) {
+		this.id = id;
+	}
+
+	public String getParamName() {
+		return this.paramName;
+	}
+
+	public void setParamName(String paramName) {
+		this.paramName = paramName;
+	}
+
+	public String getParamValue() {
+		return this.paramValue;
+	}
+
+	public void setParamValue(String paramValue) {
+		this.paramValue = paramValue;
+	}
+
+	public String getParamDefault() {
+		return paramDefault;
+	}
+
+	public void setParamDefault(String paramDefault) {
+		this.paramDefault = paramDefault;
+	}
+
+	public char getRequired() {
+		return required;
+	}
+
+	public void setRequired(char required) {
+		this.required = required;
+	}
+
+	public PIPConfiguration getPipconfiguration() {
+		return this.pipconfiguration;
+	}
+
+	public void setPipconfiguration(PIPConfiguration pipconfiguration) {
+		this.pipconfiguration = pipconfiguration;
+	}
+
+	@Transient
+	public boolean isRequired() {
+		return this.required == '1';
+	}
+	
+	@Transient
+	public void setRequired(boolean required) {
+		if (required) {
+			this.setRequired('1');
+		} else {
+			this.setRequired('0');
+		}
+	}
+
+	@Transient
+	@Override
+	public String toString() {
+		return "PIPConfigParam [id=" + id + ", paramName=" + paramName
+				+ ", paramValue=" + paramValue + ", required=" + required + "]";
+	}
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/a1d93100/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PIPConfiguration.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PIPConfiguration.java b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PIPConfiguration.java
new file mode 100644
index 0000000..d540e2b
--- /dev/null
+++ b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PIPConfiguration.java
@@ -0,0 +1,554 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+
+package org.apache.openaz.xacml.admin.jpa;
+
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
+
+import javax.persistence.CascadeType;
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.JoinColumn;
+import javax.persistence.ManyToOne;
+import javax.persistence.NamedQuery;
+import javax.persistence.OneToMany;
+import javax.persistence.PrePersist;
+import javax.persistence.PreUpdate;
+import javax.persistence.Table;
+import javax.persistence.Temporal;
+import javax.persistence.TemporalType;
+import javax.persistence.Transient;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import org.apache.openaz.xacml.admin.XacmlAdminUI;
+import org.apache.openaz.xacml.admin.util.JPAUtils;
+import org.apache.openaz.xacml.api.pip.PIPException;
+import org.apache.openaz.xacml.std.pip.engines.StdConfigurableEngine;
+import org.apache.openaz.xacml.std.pip.engines.csv.CSVEngine;
+import org.apache.openaz.xacml.std.pip.engines.csv.HyperCSVEngine;
+import org.apache.openaz.xacml.std.pip.engines.jdbc.JDBCEngine;
+import org.apache.openaz.xacml.std.pip.engines.ldap.LDAPEngine;
+import org.apache.openaz.xacml.util.XACMLProperties;
+import com.google.common.base.Joiner;
+import com.google.common.base.Splitter;
+import com.vaadin.ui.UI;
+
+
+/**
+ * The persistent class for the PIPConfiguration database table.
+ * 
+ */
+@Entity
+@Table(name="PIPConfiguration")
+@NamedQuery(name="PIPConfiguration.findAll", query="SELECT p FROM PIPConfiguration p")
+public class PIPConfiguration implements Serializable {
+	private static final long serialVersionUID = 1L;
+	private static final Log logger	= LogFactory.getLog(PIPConfiguration.class);
+
+	@Id
+	@GeneratedValue(strategy=GenerationType.AUTO)
+	@Column(name="id")
+	private int id;
+
+	@Column(name="DESCRIPTION", nullable=true, length=2048)
+	private String description;
+
+	@Column(name="NAME", nullable=false, length=255)
+	private String name;
+
+	@Column(name="CLASSNAME", nullable=false, length=2048)
+	private String classname;
+
+	@Column(name="ISSUER", nullable=true, length=1024)
+	private String issuer;
+
+	@Column(name="READ_ONLY", nullable=false)
+	private char readOnly = '0';
+
+	@Column(name="REQUIRES_RESOLVER", nullable=false)
+	private char requiresResolvers;
+
+	@Column(name="CREATED_BY", nullable=false, length=255)
+	private String createdBy = "guest";
+
+	@Temporal(TemporalType.TIMESTAMP)
+	@Column(name="CREATED_DATE", nullable=false, updatable=false)
+	private Date createdDate;
+
+	@Column(name="MODIFIED_BY", nullable=false, length=255)
+	private String modifiedBy = "guest";
+
+	@Temporal(TemporalType.TIMESTAMP)
+	@Column(name="MODIFIED_DATE", nullable=false)
+	private Date modifiedDate;
+
+	//bi-directional many-to-one association to PIPConfigParam
+	@OneToMany(mappedBy="pipconfiguration", orphanRemoval=true, cascade=CascadeType.REMOVE)
+	private Set<PIPConfigParam> pipconfigParams = new HashSet<PIPConfigParam>();
+
+	//bi-directional many-to-one association to PIPType
+	@ManyToOne
+	@JoinColumn(name="TYPE")
+	private PIPType piptype;
+
+	//bi-directional many-to-one association to PIPResolver
+	@OneToMany(mappedBy="pipconfiguration", orphanRemoval=true, cascade=CascadeType.REMOVE)
+	private Set<PIPResolver> pipresolvers = new HashSet<PIPResolver>();
+
+	public PIPConfiguration() {
+	}
+	
+	public PIPConfiguration(PIPConfiguration config, String user) { //NOPMD
+		this.description = config.description;
+		this.name = config.name;
+		this.classname = config.classname;
+		this.issuer = config.issuer;
+		this.requiresResolvers = config.requiresResolvers;
+		this.readOnly = config.readOnly;
+		this.piptype = config.piptype;
+		for (PIPConfigParam param : config.pipconfigParams) {
+			this.addPipconfigParam(new PIPConfigParam(param));
+		}
+		for (PIPResolver resolver : config.pipresolvers) {
+			this.addPipresolver(new PIPResolver(resolver));
+		}
+	}
+	
+	public PIPConfiguration(String id, Properties properties) throws PIPException {
+		this.readProperties(id, properties);
+	}
+	
+	public PIPConfiguration(String id, Properties properties, String user) throws PIPException {
+		this.createdBy = user;
+		this.modifiedBy = user;
+		this.readProperties(id, properties);
+	}
+
+	@PrePersist
+	public void	prePersist() {
+		Date date = new Date();
+		this.createdDate = date;
+		this.modifiedDate = date;
+	}
+	
+	@PreUpdate
+	public void preUpdate() {
+		this.modifiedDate = new Date();
+	}
+
+	public int getId() {
+		return this.id;
+	}
+
+	public void setId(int id) {
+		this.id = id;
+	}
+
+	public String getDescription() {
+		return this.description;
+	}
+
+	public void setDescription(String description) {
+		this.description = description;
+	}
+
+	public String getName() {
+		return this.name;
+	}
+
+	public void setName(String name) {
+		this.name = name;
+	}
+
+	public String getClassname() {
+		return classname;
+	}
+
+	public void setClassname(String classname) {
+		this.classname = classname;
+	}
+
+	public String getIssuer() {
+		return issuer;
+	}
+
+	public void setIssuer(String issuer) {
+		this.issuer = issuer;
+	}
+
+	public char getReadOnly() {
+		return readOnly;
+	}
+
+	public void setReadOnly(char readOnly) {
+		this.readOnly = readOnly;
+	}
+
+	public char getRequiresResolvers() {
+		return requiresResolvers;
+	}
+
+	public void setRequiresResolvers(char requireResolvers) {
+		this.requiresResolvers = requireResolvers;
+	}
+
+	public Set<PIPConfigParam> getPipconfigParams() {
+		return this.pipconfigParams;
+	}
+
+	public void setPipconfigParams(Set<PIPConfigParam> pipconfigParams) {
+		this.pipconfigParams = pipconfigParams;
+	}
+
+	public PIPConfigParam addPipconfigParam(PIPConfigParam pipconfigParam) {
+		getPipconfigParams().add(pipconfigParam);
+		pipconfigParam.setPipconfiguration(this);
+
+		return pipconfigParam;
+	}
+
+	public PIPConfigParam removePipconfigParam(PIPConfigParam pipconfigParam) {
+		if (pipconfigParam == null) {
+			return pipconfigParam;
+		}
+		getPipconfigParams().remove(pipconfigParam);
+		pipconfigParam.setPipconfiguration(null);
+
+		return pipconfigParam;
+	}
+	
+	@Transient
+	public void clearConfigParams() {
+		while (this.pipconfigParams.isEmpty() == false) {
+			this.removePipconfigParam(this.pipconfigParams.iterator().next());
+		}
+	}
+
+	public PIPType getPiptype() {
+		return this.piptype;
+	}
+
+	public void setPiptype(PIPType piptype) {
+		this.piptype = piptype;
+	}
+
+	public Set<PIPResolver> getPipresolvers() {
+		return this.pipresolvers;
+	}
+
+	public void setPipresolvers(Set<PIPResolver> pipresolvers) {
+		this.pipresolvers = pipresolvers;
+	}
+
+	public PIPResolver addPipresolver(PIPResolver pipresolver) {
+		getPipresolvers().add(pipresolver);
+		pipresolver.setPipconfiguration(this);
+
+		return pipresolver;
+	}
+
+	public PIPResolver removePipresolver(PIPResolver pipresolver) {
+		getPipresolvers().remove(pipresolver);
+		pipresolver.setPipconfiguration(null);
+
+		return pipresolver;
+	}
+
+	public String getCreatedBy() {
+		return createdBy;
+	}
+
+	public void setCreatedBy(String createdBy) {
+		this.createdBy = createdBy;
+	}
+
+	public Date getCreatedDate() {
+		return createdDate;
+	}
+
+	public void setCreatedDate(Date createdDate) {
+		this.createdDate = createdDate;
+	}
+
+	public String getModifiedBy() {
+		return modifiedBy;
+	}
+
+	public void setModifiedBy(String modifiedBy) {
+		this.modifiedBy = modifiedBy;
+	}
+
+	public Date getModifiedDate() {
+		return modifiedDate;
+	}
+
+	public void setModifiedDate(Date modifiedDate) {
+		this.modifiedDate = modifiedDate;
+	}
+
+	@Transient
+	public boolean isReadOnly() {
+		return this.readOnly == '1';
+	}
+	
+	@Transient
+	public void setReadOnly(boolean readOnly) {
+		if (readOnly) {
+			this.readOnly = '1';
+		} else {
+			this.readOnly = '0';
+		}
+	}
+	
+	@Transient
+	public boolean requiresResolvers() {
+		return this.requiresResolvers == '1';
+	}
+	
+	@Transient
+	public void	setRequiresResolvers(boolean requires) {
+		if (requires) {
+			this.requiresResolvers = '1';
+		} else {
+			this.requiresResolvers = '0';
+		}
+	}
+	
+	@Transient
+	public static Collection<PIPConfiguration>		importPIPConfigurations(Properties properties) {
+		Collection<PIPConfiguration> configurations = new ArrayList<PIPConfiguration>();
+		String engines = properties.getProperty(XACMLProperties.PROP_PIP_ENGINES);
+		if (engines == null || engines.isEmpty()) {
+			return configurations;
+		}
+		for (String id : Splitter.on(',').trimResults().omitEmptyStrings().split(engines)) {
+			PIPConfiguration configuration;
+			try {
+				String user = ((XacmlAdminUI)UI.getCurrent()).getUserid();
+				configuration = new PIPConfiguration(id, properties, user);
+				configuration.setCreatedBy(user);
+				configuration.setModifiedBy(user);
+				configurations.add(configuration);
+			} catch (PIPException e) {
+				logger.error("Import failed: " + e.getLocalizedMessage());
+			}
+		}
+		
+		return configurations;
+	}
+	
+	@Transient
+	protected	void		readProperties(String id, Properties properties) throws PIPException {
+		//
+		// Save the id if we don't have one already
+		//
+		if (this.id == 0) {
+			try {
+				this.id = Integer.parseInt(id);
+			} catch (NumberFormatException e) {
+				logger.error("Convert id to integer failed: " + id);
+			}
+		}
+		//
+		// Get its classname, this MUST exist.
+		//
+		this.classname = properties.getProperty(id + ".classname");
+		if (this.classname == null) {
+			throw new PIPException("PIP Engine defined without a classname");
+		}
+		//
+		// These classes we know for sure require resolvers.
+		//
+		if (this.classname.equals(JDBCEngine.class.getCanonicalName())) {
+			this.setRequiresResolvers(true);
+			this.setPiptype(JPAUtils.getPIPType(PIPType.TYPE_SQL));
+		} else if (this.classname.equals(LDAPEngine.class.getCanonicalName())) {
+			this.setRequiresResolvers(true);
+			this.setPiptype(JPAUtils.getPIPType(PIPType.TYPE_LDAP));
+		} else if (this.classname.equals(HyperCSVEngine.class.getCanonicalName())) {
+			this.setRequiresResolvers(true);
+			this.setPiptype(JPAUtils.getPIPType(PIPType.TYPE_HYPERCSV));
+		} else if (this.classname.equals(CSVEngine.class.getCanonicalName())) {
+			this.setRequiresResolvers(true);
+			this.setPiptype(JPAUtils.getPIPType(PIPType.TYPE_CSV));
+		} else {
+			//
+			// Assume it does not require resolvers for now, if we encounter
+			// one then we will change it. The user can always change it via the gui.
+			// 
+			this.setRequiresResolvers(false);
+			this.setPiptype(JPAUtils.getPIPType(PIPType.TYPE_CUSTOM));
+		}
+		//
+		// Go through each property
+		//
+		for (Object name : properties.keySet()) {
+			if (name.toString().startsWith(id) == false || name.equals(id + ".classname")) {
+				continue;
+			}
+			if (name.equals(id + "." + StdConfigurableEngine.PROP_NAME)) {
+				this.name = properties.getProperty(name.toString());
+			} else if (name.equals(id + "." + StdConfigurableEngine.PROP_DESCRIPTION)) {
+				this.description = properties.getProperty(name.toString());
+			} else if (name.equals(id + "." + StdConfigurableEngine.PROP_ISSUER)) {
+				this.issuer = properties.getProperty(name.toString());
+			} else if (name.equals(id + ".resolvers")) {
+				//
+				// It has resolvers, make sure this is set to true if
+				// it has been already.
+				//
+				this.setRequiresResolvers(true);
+				//
+				// Parse the resolvers
+				//
+				Collection<PIPResolver> resolvers = PIPResolver.importResolvers(id + ".resolver",
+																		properties.getProperty(name.toString()),
+																		properties,
+																		((XacmlAdminUI)UI.getCurrent()).getUserid());
+				for (PIPResolver resolver : resolvers) {
+					this.addPipresolver(resolver);
+				}
+			// Ignore {id}.resolver: the PIPResolver will parse these values
+			} else if (! name.toString().startsWith(id + ".resolver")) {
+				//
+				// Config Parameter
+				//
+				this.addPipconfigParam(new PIPConfigParam(name.toString().substring(id.length() + 1), 
+													properties.getProperty(name.toString())));
+			}
+		}
+		//
+		// Make sure we have a name at least
+		//
+		if (this.name == null) {
+			this.name = id;
+		}
+	}
+	
+
+	@Transient
+	public Map<String, String> getConfiguration(String name) {
+		String prefix;
+		if (name == null) {
+			prefix = Integer.toString(this.id);
+		} else {
+			prefix = name;
+		}
+		if (prefix.endsWith(".") == false) {
+			prefix = prefix + ".";
+		}
+		Map<String, String> map = new HashMap<String, String>();
+		map.put(prefix + "classname", this.classname);
+		map.put(prefix + "name", this.name);
+		if (this.description != null) {
+			map.put(prefix + "description", this.description);
+		}
+		if (this.issuer != null) {
+			map.put(prefix + "issuer", this.issuer);
+		}
+		
+		for (PIPConfigParam param : this.pipconfigParams) {
+			map.put(prefix + param.getParamName(), param.getParamValue());
+		}
+		
+		List<String> ids = new ArrayList<String>();
+		Iterator<PIPResolver> iter = this.pipresolvers.iterator();
+		while (iter.hasNext()) {
+			PIPResolver resolver = iter.next();
+			String id = Integer.toString(resolver.getId());
+			Map<String, String> resolverMap = resolver.getConfiguration(prefix + "resolver." + id);
+			map.putAll(resolverMap);
+			ids.add(id);
+		}
+		if (ids.size() > 0) {
+			map.put(prefix + "resolvers", Joiner.on(',').join(ids));
+		}
+		return map;
+	}
+	
+	@Transient
+	public Properties	generateProperties(String name) {
+		String prefix;
+		if (name == null) {
+			prefix = Integer.toString(this.id);
+		} else {
+			if (name.endsWith(".")) {
+				prefix = name;
+			} else {
+				prefix = name + ".";
+			}
+		}
+		Properties props = new Properties();
+		props.setProperty("xacml.pip.engines", name);
+		props.setProperty(prefix + "classname", this.classname);
+		props.setProperty(prefix + "name", this.name);
+		if (this.description != null) {
+			props.setProperty(prefix + "description", this.description);
+		}
+		if (this.issuer != null && this.issuer.isEmpty() == false) {
+			props.setProperty(prefix + "issuer", this.issuer);
+		}
+		
+		for (PIPConfigParam param : this.pipconfigParams) {
+			props.setProperty(prefix + param.getParamName(), param.getParamValue());
+		}
+		
+		List<String> ids = new ArrayList<String>();
+		Iterator<PIPResolver> iter = this.pipresolvers.iterator();
+		while (iter.hasNext()) {
+			PIPResolver resolver = iter.next();
+			String id = Integer.toString(resolver.getId());
+			resolver.generateProperties(props, prefix + "resolver." + id);
+			ids.add(id);
+		}
+		if (ids.size() > 0) {
+			props.setProperty(prefix + "resolvers", Joiner.on(',').join(ids));
+		}
+		return props;
+	}
+
+	@Transient
+	@Override
+	public String toString() {
+		return "PIPConfiguration [id=" + id + ", piptype=" + piptype
+				+ ", classname=" + classname + ", name=" + name
+				+ ", description=" + description + ", issuer=" + issuer
+				+ ", readOnly=" + readOnly + ", requiresResolvers="
+				+ requiresResolvers + ", createdBy=" + createdBy
+				+ ", createdDate=" + createdDate + ", modifiedBy=" + modifiedBy
+				+ ", modifiedDate=" + modifiedDate + ", pipconfigParams="
+				+ pipconfigParams + ", pipresolvers=" + pipresolvers + "]";
+	}
+}

http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/a1d93100/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PIPResolver.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PIPResolver.java b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PIPResolver.java
new file mode 100644
index 0000000..59c9307
--- /dev/null
+++ b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PIPResolver.java
@@ -0,0 +1,362 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+
+package org.apache.openaz.xacml.admin.jpa;
+
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
+
+import javax.persistence.CascadeType;
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.JoinColumn;
+import javax.persistence.ManyToOne;
+import javax.persistence.NamedQuery;
+import javax.persistence.OneToMany;
+import javax.persistence.PrePersist;
+import javax.persistence.PreUpdate;
+import javax.persistence.Table;
+import javax.persistence.Temporal;
+import javax.persistence.TemporalType;
+import javax.persistence.Transient;
+
+import org.apache.openaz.xacml.api.pip.PIPException;
+import org.apache.openaz.xacml.std.pip.engines.StdConfigurableEngine;
+import com.google.common.base.Splitter;
+
+
+/**
+ * The persistent class for the PIPResolver database table.
+ * 
+ */
+@Entity
+@Table(name="PIPResolver")
+@NamedQuery(name="PIPResolver.findAll", query="SELECT p FROM PIPResolver p")
+public class PIPResolver implements Serializable {
+	private static final long serialVersionUID = 1L;
+
+	@Id
+	@GeneratedValue(strategy=GenerationType.AUTO)
+	@Column(name="id")
+	private int id;
+
+	@Column(name="DESCRIPTION", nullable=true, length=2048)
+	private String description;
+
+	@Column(name="NAME", nullable=false, length=255)
+	private String name;
+
+	@Column(name="ISSUER", nullable=true, length=1024)
+	private String issuer;
+
+	@Column(name="CLASSNAME", nullable=false, length=2048)
+	private String classname;
+
+	@Column(name="READ_ONLY", nullable=false)
+	private char readOnly = '0';
+
+	@Column(name="CREATED_BY", nullable=false, length=255)
+	private String createdBy = "guest";
+
+	@Temporal(TemporalType.TIMESTAMP)
+	@Column(name="CREATED_DATE", nullable=false, updatable=false)
+	private Date createdDate;
+
+	@Column(name="MODIFIED_BY", nullable=false, length=255)
+	private String modifiedBy = "guest";
+
+	@Temporal(TemporalType.TIMESTAMP)
+	@Column(name="MODIFIED_DATE", nullable=false)
+	private Date modifiedDate;
+
+	//bi-directional many-to-one association to PIPConfiguration
+	@ManyToOne
+	@JoinColumn(name="PIP_ID")
+	private PIPConfiguration pipconfiguration;
+
+	//bi-directional many-to-one association to PIPResolverParam
+	@OneToMany(mappedBy="pipresolver", orphanRemoval=true, cascade=CascadeType.REMOVE)
+	private Set<PIPResolverParam> pipresolverParams = new HashSet<PIPResolverParam>();
+
+	public PIPResolver() {
+	}
+	
+	public PIPResolver(String prefix, Properties properties, String user) throws PIPException {
+		this.createdBy = user;
+		this.modifiedBy = user;
+		this.readOnly = '0';
+		this.readProperties(prefix, properties);
+	}
+	
+	public PIPResolver(PIPResolver resolver) {
+		this.name = resolver.name;
+		this.description = resolver.description;
+		this.issuer = resolver.issuer;
+		this.classname = resolver.classname;
+		this.readOnly = resolver.readOnly;
+		for (PIPResolverParam param : this.pipresolverParams) {
+			this.addPipresolverParam(new PIPResolverParam(param));
+		}
+	}
+
+	@PrePersist
+	public void	prePersist() {
+		Date date = new Date();
+		this.createdDate = date;
+		this.modifiedDate = date;
+	}
+	
+	@PreUpdate
+	public void preUpdate() {
+		this.modifiedDate = new Date();
+	}
+
+	public int getId() {
+		return this.id;
+	}
+
+	public void setId(int id) {
+		this.id = id;
+	}
+
+	public String getDescription() {
+		return this.description;
+	}
+
+	public void setDescription(String description) {
+		this.description = description;
+	}
+
+	public String getName() {
+		return this.name;
+	}
+
+	public void setName(String name) {
+		this.name = name;
+	}
+
+	public String getIssuer() {
+		return issuer;
+	}
+
+	public void setIssuer(String issuer) {
+		this.issuer = issuer;
+	}
+
+	public String getClassname() {
+		return classname;
+	}
+
+	public void setClassname(String classname) {
+		this.classname = classname;
+	}
+
+	public char getReadOnly() {
+		return readOnly;
+	}
+
+	public void setReadOnly(char readOnly) {
+		this.readOnly = readOnly;
+	}
+
+	public String getCreatedBy() {
+		return createdBy;
+	}
+
+	public void setCreatedBy(String createdBy) {
+		this.createdBy = createdBy;
+	}
+
+	public Date getCreatedDate() {
+		return createdDate;
+	}
+
+	public void setCreatedDate(Date createdDate) {
+		this.createdDate = createdDate;
+	}
+
+	public String getModifiedBy() {
+		return modifiedBy;
+	}
+
+	public void setModifiedBy(String modifiedBy) {
+		this.modifiedBy = modifiedBy;
+	}
+
+	public Date getModifiedDate() {
+		return modifiedDate;
+	}
+
+	public void setModifiedDate(Date modifiedDate) {
+		this.modifiedDate = modifiedDate;
+	}
+
+	public PIPConfiguration getPipconfiguration() {
+		return this.pipconfiguration;
+	}
+
+	public void setPipconfiguration(PIPConfiguration pipconfiguration) {
+		this.pipconfiguration = pipconfiguration;
+	}
+
+	public Set<PIPResolverParam> getPipresolverParams() {
+		return this.pipresolverParams;
+	}
+
+	public void setPipresolverParams(Set<PIPResolverParam> pipresolverParams) {
+		this.pipresolverParams = pipresolverParams;
+	}
+
+	public PIPResolverParam addPipresolverParam(PIPResolverParam pipresolverParam) {
+		getPipresolverParams().add(pipresolverParam);
+		pipresolverParam.setPipresolver(this);
+
+		return pipresolverParam;
+	}
+
+	public PIPResolverParam removePipresolverParam(PIPResolverParam pipresolverParam) {
+		if (pipresolverParam == null) {
+			return pipresolverParam;
+		}
+		getPipresolverParams().remove(pipresolverParam);
+		pipresolverParam.setPipresolver(null);
+
+		return pipresolverParam;
+	}
+	
+	@Transient
+	public void clearParams() {
+		while (this.pipresolverParams.isEmpty() == false) {
+			this.removePipresolverParam(this.pipresolverParams.iterator().next());
+		}
+	}
+
+	@Transient
+	public boolean isReadOnly() {
+		return this.readOnly == '1';
+	}
+	
+	@Transient
+	public void setReadOnly(boolean readOnly) {
+		if (readOnly) {
+			this.readOnly = '1';
+		} else {
+			this.readOnly = '0';
+		}
+	}
+	
+	@Transient
+	public static Collection<PIPResolver>	importResolvers(String prefix, String list, Properties properties, String user) throws PIPException {
+		Collection<PIPResolver> resolvers = new ArrayList<PIPResolver>();
+		for (String id : Splitter.on(',').trimResults().omitEmptyStrings().split(list)) {
+			resolvers.add(new PIPResolver(prefix + "." + id, properties, user));
+		}		
+		return resolvers;
+	}
+
+	@Transient
+	protected void readProperties(String prefix, Properties properties) throws PIPException {
+		//
+		// Get its classname, this MUST exist.
+		//
+		this.classname = properties.getProperty(prefix + ".classname");
+		if (this.classname == null) {
+			throw new PIPException("PIP Engine defined without a classname");
+		}
+		//
+		// Go through each property
+		//
+		for (Object name : properties.keySet()) {
+			if (name.toString().startsWith(prefix) == false || name.equals(prefix + ".classname")) {
+				continue;
+			}
+
+			if (name.equals(prefix + "." + StdConfigurableEngine.PROP_NAME)) {
+				this.name = properties.getProperty(name.toString());
+			} else if (name.equals(prefix + "." + StdConfigurableEngine.PROP_DESCRIPTION)) {
+				this.description = properties.getProperty(name.toString());
+			} else if (name.equals(prefix + "." + StdConfigurableEngine.PROP_ISSUER)) {
+				this.issuer = properties.getProperty(name.toString());
+			} else {
+				this.addPipresolverParam(new PIPResolverParam(name.toString().substring(prefix.length() + 1),
+															properties.getProperty(name.toString())));
+			}
+		}
+	}
+
+	@Transient
+	public Map<String, String> getConfiguration(String prefix) {
+		Map<String, String> map = new HashMap<String, String>();
+		if (prefix.endsWith(".") == false) {
+			prefix = prefix + ".";
+		}
+		map.put(prefix + "classname", this.classname);
+		map.put(prefix + "name", this.name);
+		if (this.description != null) {
+			map.put(prefix + "description", this.description);
+		}
+		if (this.issuer != null && this.issuer.isEmpty() != false) {
+			map.put(prefix + "issuer", this.issuer);
+		}
+		for (PIPResolverParam param : this.pipresolverParams) {
+			map.put(prefix + param.getParamName(), param.getParamValue());
+		}
+		return map;
+	}
+
+	@Transient
+	public void	generateProperties(Properties props, String prefix) {
+		if (prefix.endsWith(".") == false) {
+			prefix = prefix + ".";
+		}
+		props.setProperty(prefix + "classname", this.classname);
+		props.setProperty(prefix + "name", this.name);
+		if (this.description != null) {
+			props.setProperty(prefix + "description", this.description);
+		}
+		if (this.issuer != null && this.issuer.isEmpty() != false) {
+			props.setProperty(prefix + "issuer", this.issuer);
+		}
+		for (PIPResolverParam param : this.pipresolverParams) {
+			props.setProperty(prefix + param.getParamName(), param.getParamValue());
+		}
+	}
+
+	@Transient
+	@Override
+	public String toString() {
+		return "PIPResolver [id=" + id + ", classname=" + classname + ", name="
+				+ name + ", description=" + description + ", issuer=" + issuer
+				+ ", readOnly=" + readOnly + ", createdBy=" + createdBy
+				+ ", createdDate=" + createdDate + ", modifiedBy=" + modifiedBy
+				+ ", modifiedDate=" + modifiedDate + ", pipresolverParams="
+				+ pipresolverParams + "]";
+	}
+}

http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/a1d93100/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PIPResolverParam.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PIPResolverParam.java b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PIPResolverParam.java
new file mode 100644
index 0000000..917ce5b
--- /dev/null
+++ b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PIPResolverParam.java
@@ -0,0 +1,147 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+
+package org.apache.openaz.xacml.admin.jpa;
+
+import java.io.Serializable;
+
+import javax.persistence.*;
+
+
+/**
+ * The persistent class for the PIPResolverParams database table.
+ * 
+ */
+@Entity
+@Table(name="PIPResolverParams")
+@NamedQuery(name="PIPResolverParam.findAll", query="SELECT p FROM PIPResolverParam p")
+public class PIPResolverParam implements Serializable {
+	private static final long serialVersionUID = 1L;
+
+	@Id
+	@GeneratedValue(strategy=GenerationType.AUTO)
+	@Column(name="id")
+	private int id;
+
+	@Column(name="PARAM_NAME", nullable=false, length=1024)
+	private String paramName;
+
+	@Column(name="PARAM_VALUE", nullable=false, length=2048)
+	private String paramValue;
+
+	@Column(name="PARAM_DEFAULT", nullable=true, length=2048)
+	private String paramDefault;
+		
+	@Column(name="REQUIRED", nullable=false)
+	private char required = '0';
+
+	//bi-directional many-to-one association to PIPResolver
+	@ManyToOne
+	@JoinColumn(name="ID_RESOLVER")
+	private PIPResolver pipresolver;
+
+	public PIPResolverParam() {
+	}
+
+	public PIPResolverParam(String name) {
+		this.paramName = name;
+	}
+
+	public PIPResolverParam(String name, String value) {
+		this(name);
+		this.paramValue = value;
+	}
+
+	public PIPResolverParam(PIPResolverParam param) {
+		this(param.getParamName(), param.getParamValue());
+		this.paramDefault = param.getParamDefault();
+		this.required = param.required;
+	}
+
+	public int getId() {
+		return this.id;
+	}
+
+	public void setId(int id) {
+		this.id = id;
+	}
+
+	public String getParamName() {
+		return this.paramName;
+	}
+
+	public void setParamName(String paramName) {
+		this.paramName = paramName;
+	}
+
+	public String getParamValue() {
+		return this.paramValue;
+	}
+
+	public void setParamValue(String paramValue) {
+		this.paramValue = paramValue;
+	}
+
+	public String getParamDefault() {
+		return paramDefault;
+	}
+
+	public void setParamDefault(String paramDefault) {
+		this.paramDefault = paramDefault;
+	}
+
+	public char getRequired() {
+		return required;
+	}
+
+	public void setRequired(char required) {
+		this.required = required;
+	}
+
+	public PIPResolver getPipresolver() {
+		return this.pipresolver;
+	}
+
+	public void setPipresolver(PIPResolver pipresolver) {
+		this.pipresolver = pipresolver;
+	}
+
+	@Transient
+	public boolean isRequired() {
+		return this.required == '1';
+	}
+	
+	@Transient
+	public void setRequired(boolean required) {
+		if (required) {
+			this.required = '1';
+		} else {
+			this.required = '0';
+		}
+	}
+
+	@Transient
+	@Override
+	public String toString() {
+		return "PIPResolverParam [id=" + id + ", paramName=" + paramName
+				+ ", paramValue=" + paramValue + ", required=" + required + "]";
+	}
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/a1d93100/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PIPType.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PIPType.java b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PIPType.java
new file mode 100644
index 0000000..7208b76
--- /dev/null
+++ b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PIPType.java
@@ -0,0 +1,131 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+
+package org.apache.openaz.xacml.admin.jpa;
+
+import java.io.Serializable;
+import java.util.Set;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.NamedQuery;
+import javax.persistence.OneToMany;
+import javax.persistence.Table;
+import javax.persistence.Transient;
+
+
+/**
+ * The persistent class for the PIPType database table.
+ * 
+ */
+@Entity
+@Table(name="PIPType")
+@NamedQuery(name="PIPType.findAll", query="SELECT p FROM PIPType p")
+public class PIPType implements Serializable {
+	private static final long serialVersionUID = 1L;
+	
+	public static final String TYPE_SQL = "SQL";
+	public static final String TYPE_LDAP = "LDAP";
+	public static final String TYPE_CSV = "CSV";
+	public static final String TYPE_HYPERCSV = "Hyper-CSV";
+	public static final String TYPE_CUSTOM = "Custom";
+
+	@Id
+	@GeneratedValue(strategy=GenerationType.AUTO)
+	@Column(name="id")
+	private int id;
+
+	@Column(name="type", nullable=false, length=45)
+	private String type;
+
+	//bi-directional many-to-one association to PIPConfiguration
+	@OneToMany(mappedBy="piptype")
+	private Set<PIPConfiguration> pipconfigurations;
+
+	public PIPType() {
+	}
+
+	public int getId() {
+		return this.id;
+	}
+
+	public void setId(int id) {
+		this.id = id;
+	}
+
+	public String getType() {
+		return this.type;
+	}
+
+	public void setType(String type) {
+		this.type = type;
+	}
+
+	public Set<PIPConfiguration> getPipconfigurations() {
+		return this.pipconfigurations;
+	}
+
+	public void setPipconfigurations(Set<PIPConfiguration> pipconfigurations) {
+		this.pipconfigurations = pipconfigurations;
+	}
+
+	public PIPConfiguration addPipconfiguration(PIPConfiguration pipconfiguration) {
+		getPipconfigurations().add(pipconfiguration);
+		pipconfiguration.setPiptype(this);
+
+		return pipconfiguration;
+	}
+
+	public PIPConfiguration removePipconfiguration(PIPConfiguration pipconfiguration) {
+		getPipconfigurations().remove(pipconfiguration);
+		pipconfiguration.setPiptype(null);
+
+		return pipconfiguration;
+	}
+	
+	@Transient
+	public boolean	isSQL() {
+		return this.type.equals(TYPE_SQL);
+	}
+
+	@Transient
+	public boolean	isLDAP() {
+		return this.type.equals(TYPE_LDAP);
+	}
+
+	@Transient
+	public boolean	isCSV() {
+		return this.type.equals(TYPE_CSV);
+	}
+
+	@Transient
+	public boolean	isHyperCSV() {
+		return this.type.equals(TYPE_HYPERCSV);
+	}
+
+	@Transient
+	public boolean	isCustom() {
+		return this.type.equals(TYPE_CUSTOM);
+	}
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/a1d93100/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PolicyAlgorithms.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PolicyAlgorithms.java b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PolicyAlgorithms.java
new file mode 100644
index 0000000..d91e221
--- /dev/null
+++ b/openaz-xacml-pap-admin/src/main/java/org/apache/openaz/xacml/admin/jpa/PolicyAlgorithms.java
@@ -0,0 +1,116 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+
+package org.apache.openaz.xacml.admin.jpa;
+
+import java.io.Serializable;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.NamedQuery;
+import javax.persistence.Table;
+import javax.persistence.Transient;
+
+import org.apache.openaz.xacml.api.Identifier;
+
+@Entity
+@Table(name="PolicyAlgorithms")
+@NamedQuery(name="PolicyAlgorithms.findAll", query="SELECT d FROM PolicyAlgorithms d")
+public class PolicyAlgorithms implements Serializable {
+	private static final long serialVersionUID = 1L;
+	
+	public static final char STANDARD = 'S';
+	public static final char CUSTOM = 'C';
+
+	@Id
+	@GeneratedValue(strategy = GenerationType.AUTO)
+	@Column(name="id")
+	private int id;
+
+	@Column(name="is_standard", nullable=false)
+	private char isStandard;
+
+	@Column(name="xacml_id", nullable=false, unique=true, length=255)
+	private String xacmlId;
+	
+	@Column(name="short_name", nullable=false, length=64)
+	private String shortName;
+
+	public PolicyAlgorithms(Identifier identifier, char standard) {
+		this.isStandard = standard;
+		if (identifier != null) {
+			this.xacmlId = identifier.stringValue();
+		}
+	}
+	
+	public PolicyAlgorithms(Identifier identifier) {
+		this(identifier, PolicyAlgorithms.STANDARD);
+	}
+
+	public PolicyAlgorithms() {
+		this(null, PolicyAlgorithms.STANDARD);
+	}
+	
+	public int getId() {
+		return this.id;
+	}
+
+	public void setId(int id) {
+		this.id = id;
+	}
+
+	public char getIsStandard() {
+		return this.isStandard;
+	}
+
+	public void setIsStandard(char isStandard) {
+		this.isStandard = isStandard;
+	}
+
+	@Transient
+	public boolean isStandard() {
+		return this.isStandard == PolicyAlgorithms.STANDARD;
+	}
+	
+	@Transient
+	public boolean isCustom() {
+		return this.isStandard == PolicyAlgorithms.CUSTOM;
+	}
+
+	public String getXacmlId() {
+		return this.xacmlId;
+	}
+
+	public void setXacmlId(String xacmlId) {
+		this.xacmlId = xacmlId;
+	}
+
+	public String getShortName() {
+		return shortName;
+	}
+
+	public void setShortName(String shortName) {
+		this.shortName = shortName;
+	}
+
+}