...
Attribute finder modules do not work the same as policy finder modules. The AttributeLocator is an implementation of the AttributeFinderModule interface.
ResourceAttributeFinderModule(s)
These finder modules retrieve information about the node which is being accessed. They should be implemented as several finder modules for clarity.
A triple finder module will resolve attribute IDs (URIs) to RDF properties on fedora objects. Attributes are not configured in advance. XACML authors may reference any URI and if there is one or more triple with the correct subject node and predicate, then the object will be returned. It should match the data type expected in XACML, which is also part of the arguments passed to the finder module.
A SPARQL finder module will retrieve data indirectly linked to the subject node. This finder module will resolve attributes via a configured map of attribute IDs to SPARQL queries.
A common fedora finder module will retrieve the standard attributes noted in the Fedora XACML Attributes page.
JBoss has an abstract class called StorageAttributeLocator which may be useful for formulating SPARQL queries that function much like prepared statements against a DB, where there is a replacement value. That pattern may be useful for a ResourceAttributeFinderModule.
SubjectAttributeFinderModule
EnvironmentAttributeFinderModule