|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--com.sun.identity.policy.PolicyEvaluator
The class PolicyEvaluator
evaluates policies
and provides policy decisions.
Field Summary | |
static java.lang.String |
ALL_RESOURCES
Constant used to identity all the resources of a service type. |
static java.lang.String |
EMPTY_RESOURCE_NAME
Constant used to identity empty resource |
Constructor Summary | |
PolicyEvaluator(java.lang.String serviceTypeName)
Constructor to create a PolicyEvaluator given the service type name |
Method Summary | |
void |
addPolicyListener(PolicyListener policyListener)
Adds a policy listener that would be notified whenever a policy is added, removed or changed |
PolicyDecision |
getPolicyDecision(SSOToken token,
java.lang.String resourceName,
java.util.Set actionNames,
java.util.Map envParameters)
Evaluates privileges of the user to perform the specified actions the the specified resource. |
java.util.Set |
getProtectedResourcesIgnoreConditions(SSOToken token,
java.lang.String rootResource)
Gets protected resources for a user identified by sso token Conditions defined in the policies are ignored while computing protected resources. |
ResourceResult |
getResourceResult(SSOToken token,
java.lang.String resourceName,
java.lang.String scope,
java.util.Map envParameters)
Gets resource result given a resource name. |
java.util.Set |
getResourceResults(SSOToken token,
java.lang.String resourceName,
java.lang.String scope,
java.util.Map envParameters)
Gets resource result objects given a resource name. |
boolean |
isAllowed(SSOToken token,
java.lang.String resourceName,
java.lang.String actionName,
java.util.Map envParameters)
Evaluates simple privileges of boolean type. |
void |
removePolicyListener(PolicyListener policyListener)
Removes a policy listener that was previously registered to receive notifications whenever a policy is added, removed or changed. |
Methods inherited from class java.lang.Object |
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
public static final java.lang.String ALL_RESOURCES
public static final java.lang.String EMPTY_RESOURCE_NAME
Constructor Detail |
public PolicyEvaluator(java.lang.String serviceTypeName) throws SSOException, PolicyException, NameNotFoundException
serviceTypeName
- the name of the service type for which this
evaluator can be used forMethod Detail |
public boolean isAllowed(SSOToken token, java.lang.String resourceName, java.lang.String actionName, java.util.Map envParameters) throws PolicyException, SSOException
token
- SSO token of the user evaluating policiesresourceName
- name of the resource the user is trying to accessactionName
- name of the action the user is trying to perform on
the resourceenvParameters
- run-time environment parametersSSOException
- single-sign-on token invalid or expiredPolicyException
- if result could not be computed for any
reason other than sso token problem.public PolicyDecision getPolicyDecision(SSOToken token, java.lang.String resourceName, java.util.Set actionNames, java.util.Map envParameters) throws PolicyException, SSOException
token
- SSO token of the user evaluating policiesresourceName
- name of the resource the user is trying to accessactionName
- name of the action the user is trying to perform on
the resourceenvParameters
- run-time environment parametersSSOException
- single-sign-on token invalid or expiredpublic java.util.Set getProtectedResourcesIgnoreConditions(SSOToken token, java.lang.String rootResource) throws PolicyException, SSOException
token
- ssoToken of the userrootResource
- only resources that are subresources of the
given rootResource or equal to the given
rootResource would be returned
rootResource would be returned.
If PolicyEvaluator.ALL_RESOURCES
is
passed as rootResource, resources under
all root resources of the service
type are considered while computing protected
resources.PolicyException
- SSOException
- if sso token is invalidProtectedResource
public java.util.Set getResourceResults(SSOToken token, java.lang.String resourceName, java.lang.String scope, java.util.Map envParameters) throws PolicyException, SSOException
token
- SSO token of the user evaluating policiesresourceName
- name of the resourcescope
- indicates whether to compute the resource result based on
the policy decision for only the resourceName or
all the resources assosciated with the resource nameenvParameters
- run-time environment parametersPolicyException
- SSOException
- ResourceMatch.EXACT_MATCH
,
ResourceMatch.SUB_RESOURCE_MATCH
,
ResourceMatch.WILDCARD_MATCH
public ResourceResult getResourceResult(SSOToken token, java.lang.String resourceName, java.lang.String scope, java.util.Map envParameters) throws PolicyException, SSOException
token
- SSO token of the user evaluating policiesresourceName
- name of the resourcescope
- indicates whether to compute the resource result based on
the policy decision for only the resourceName or
all the resources assosciated with the resource nameenvParameters
- run-time environment parametersPolicyException
- SSOException
- ResourceMatch.EXACT_MATCH
,
ResourceMatch.SUB_RESOURCE_MATCH
,
ResourceMatch.WILDCARD_MATCH
public void addPolicyListener(PolicyListener policyListener)
policyListener
- the listener to be addedpublic void removePolicyListener(PolicyListener policyListener)
policyListener
- the listener to be removed
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |