Oracle Fusion Middleware Java API Reference for Oracle Platform Security Services 11g Release 1 (11.1.1) E14650-03 |
public interface ApplicationPolicy
Method Summary | |
---|---|
void | addPrincipalToAppRole(PrincipalEntry principalEntry, java.lang.String appRoleName) Adds this principal as member to this app role |
void | addPrincipalToAppRole(java.security.Principal principal, java.lang.String appRoleName) Adds this principal as member to this app role |
void | alterAppRole(java.lang.String appRoleName, java.lang.String newDescription, java.lang.String newDisplayName) Alters an application Role's display Name and description. These parameters are not used to compare two application roles for similarity. An application Role's name or GUID are unique/immutable properties. NOTE: Supplying "null" to Description or Display Name will replace previous Description/Display Name with "null" |
void | alterAppRoleCategory(java.lang.String appRoleName, java.lang.String newCategory) Alters an application Role's category. An application Role's name or GUID are unique/immutable properties. NOTE: Supplying "null" to category will replace previous category with "null" |
boolean | containsAppRole(java.lang.String appRoleName) Checks if this app role exists. |
boolean | containsPrincipalAsMember(java.lang.String appRoleName, java.security.Principal principal) Checks if this principal is a member of this app role |
void | createAppRole(java.lang.String appRoleName, java.lang.String displayName, java.lang.String desc, ExtendedProperty appRoleAttributes) Creates the requested application role in the policy store with extended attributes. |
void | createAppRole(java.lang.String appRoleName, java.lang.String displayName, java.lang.String desc, java.lang.String guid) Deprecated. - use createAppRole(String appRoleName, String displayName, String desc, ExtendedProperty appRoleAttributes) |
void | createAppRole(java.lang.String appRoleName, java.lang.String displayName, java.lang.String desc, java.lang.String guid, ExtendedProperty appRoleAttributes) Deprecated. - use createAppRole(String appRoleName, String displayName, String desc, ExtendedProperty appRoleAttributes) |
java.util.List | getAllAppRoleEntries() Returns all app role entries |
java.util.List | getAllAppRoles() Returns the list of all the application roles in this application context. |
java.util.List | getAllGrantedAppRoleEntries(java.security.Principal principal) Returns all the granted app role entries for this principal where the principal is either a direct member or indirect member through other app roles. |
java.util.List | getAllGrantedAppRoles(java.security.Principal principal) Returns all the granted app roles for this principal where the principal is either a direct member or indirect member through other app roles. |
java.lang.String | getApplicationDescription() Get the Application Description |
java.lang.String | getApplicationDisplayName() Get the Application Display Name |
java.lang.String | getApplicationName() Return the application Name |
java.lang.String | getApplicationUniqueName() Return the application UniqueName |
java.util.List | getAppRolesMembers(java.lang.String appRoleName) Returns the list of principals granted to this application role. |
EntityManager | getEntityManager(java.lang.Class klass) Get the entity manager. |
java.util.List | getGrantedAppRoles(java.security.Principal principal) Returns all the granted app roles for this principal where the principal is a direct member of the App Role. |
java.lang.String | getVersion() Returns the application version. |
void | removeAppRole(java.lang.String appRoleName) Removes the application role from policy store. |
void | removeAppRole(java.lang.String appRoleName, boolean force) Removes the application role from policy store. |
void | removePrincipalFromAppRole(PrincipalEntry principalEntry, java.lang.String appRoleName) Removes this principal from this appRoleName |
void | removePrincipalFromAppRole(java.security.Principal principal, java.lang.String appRoleName) Removes this principal from this appRoleName |
java.util.List | searchAppRoles(java.lang.String appRoleName) This method searches application roles by an attribute role name. |
java.util.List | searchAppRoles(java.lang.String roleAttrName, java.lang.String roleAttrNameVal, boolean inequality) This method searches application roles by an attribute and its value. |
void | setVersion(java.lang.String version) Set the application version in memory. |
Methods inherited from interface oracle.security.jps.jaas.JavaPolicy |
---|
getPermissions, getPermissions, getPermissions, getPermissions, getPermissions, hasPermission, implies, refresh |
Methods inherited from interface oracle.security.jps.service.policystore.PolicyMgmt |
---|
getGrantEntries, grant, grant, modifyGrant, revoke, revoke |
Method Detail |
---|
boolean containsAppRole(java.lang.String appRoleName) throws PolicyStoreException
- appRoleName - name of the app role
- PolicyStoreException - if there is an error during this operation
- java.lang.NullPointerException - if the application name is empty.

@Deprecated
void createAppRole(java.lang.String appRoleName,
java.lang.String displayName,
java.lang.String desc,
java.lang.String guid,
ExtendedProperty appRoleAttributes)
throws PolicyObjectAlreadyExistsException,
PolicyStoreException
Standard attributes supplied as parameters in this api (DISPLAY_NAME, DESCRIPTION and GUID) cannot be part of the extended attributes.
The following code fragment illustrates how to construct the extended attributes:

    ExtendedProperty ep = new ExtendedProperty();
    String attribute = ApplicationRoleAttributes.SCOPE.name();
    List<String> values = new ArrayList<String>();
    values.add("user-defined-value");
    ep.setProperty(attribute, values);

Based on the algorithm in JpsAuth, this checks for PolicyStoreAccessPermission("context=APPLICATION,name=Application's Stripe id", "createAppRole"). This may result in an AccessControlException or SecurityException.
- appRoleName - name of the application role
- displayName - display name of the application role
- desc - description of the application role
- guid - guid of the application role
- appRoleAttributes - Extended attributes for the application role
- PolicyObjectAlreadyExistsException - if the role already exists.
- PolicyStoreException - if the policy store provider reports an error while creating the role.
- java.lang.IllegalArgumentException - if the standard attributes are part of the extendedAttributes.
- java.lang.NullPointerException - if the application name is empty.
for a list of valid extended attributes.

@Deprecated
void createAppRole(java.lang.String appRoleName,
java.lang.String displayName,
java.lang.String desc,
java.lang.String guid)
throws PolicyObjectAlreadyExistsException,
PolicyStoreException
Based on the algorithm in JpsAuth, this checks for PolicyStoreAccessPermission("context=APPLICATION,name=Application's Stripe id", "createAppRole"). This may result in an AccessControlException or SecurityException.
- appRoleName - name of the app role
- displayName - display name of the app role
- desc - description of the app role
- guid - guid of the app role
- PolicyObjectAlreadyExistsException - if this application role already exists
- PolicyStoreException - if there is an error during this operation
- java.lang.NullPointerException - if the application name is empty.

void createAppRole(java.lang.String appRoleName, java.lang.String displayName, java.lang.String desc, ExtendedProperty appRoleAttributes) throws PolicyObjectAlreadyExistsException, PolicyStoreException
Standard attributes supplied as parameters in this api (DISPLAY_NAME and DESCRIPTION) cannot be part of the extended attributes.
The following code fragment illustrates how to construct the extended attributes:

    ExtendedProperty ep = new ExtendedProperty();
    String attribute = ApplicationRoleAttributes.SCOPE.name();
    List<String> values = new ArrayList<String>();
    values.add("user-defined-value");
    ep.setProperty(attribute, values);

Based on the algorithm in JpsAuth, this checks for PolicyStoreAccessPermission("context=APPLICATION,name=Application's Stripe id", "createAppRole"). This may result in an AccessControlException or SecurityException.
- appRoleName - name of the application role
- displayName - display name of the application role
- desc - description of the application role
- appRoleAttributes - Extended attributes for the application role
- PolicyObjectAlreadyExistsException - if the role already exists.
- PolicyStoreException - if the policy store provider reports an error while creating the role.
- java.lang.IllegalArgumentException - if the standard attributes are part of the extendedAttributes.
- java.lang.NullPointerException - if the application name is empty.
for a list of valid extended attributes.

void removeAppRole(java.lang.String appRoleName) throws PolicyObjectNotFoundException, PolicyStoreException
This is equivalent to calling removeAppRole(appRoleName, true).
Based on the algorithm in JpsAuth, this checks for PolicyStoreAccessPermission("context=APPLICATION,name=Application's Stripe id", "removeAppRole"). This may result in an AccessControlException or SecurityException.
- appRoleName - name of the app role to remove
- PolicyObjectNotFoundException - if this app role does not exist
- PolicyStoreException - if there is an error during this operation
- java.lang.NullPointerException - if the application name is empty.

void removeAppRole(java.lang.String appRoleName, boolean force) throws ApplicationRoleInUseException, PolicyObjectNotFoundException, PolicyStoreException
force
is false, this method checks
ApplicationRoleInUseException
with the cause. If force
is true, then this method
Based on the algorithm in JpsAuth, this checks for PolicyStoreAccessPermission("context=APPLICATION,name=Application's Stripe id", "removeAppRole"). This may result in an AccessControlException or SecurityException.
- appRoleName - name of the app role to remove
- ApplicationRoleInUseException - if the application role is in use as described above.
- PolicyObjectNotFoundException - if this application role does not exist
- PolicyStoreException - if there is an error during this operation
- java.lang.NullPointerException - if the application name is empty.

boolean containsPrincipalAsMember(java.lang.String appRoleName, java.security.Principal principal) throws PolicyObjectNotFoundException, PolicyStoreException
- appRoleName - the app role name
- principal - the principal name
- PolicyObjectNotFoundException - if this appRoleName itself does not exist
- PolicyStoreException - if there is an error during this operation
- java.lang.NullPointerException - if the application name is empty or principal is null.

void addPrincipalToAppRole(java.security.Principal principal, java.lang.String appRoleName) throws PolicyObjectNotFoundException, PolicyObjectAlreadyExistsException, PolicyStoreException
Based on the algorithm in JpsAuth, this checks for PolicyStoreAccessPermission("context=APPLICATION,name=Application's Stripe id", "addPrincipalToAppRole"). This may result in an AccessControlException or SecurityException.
- principal - the principal to add
- appRoleName - the app role
- PolicyObjectNotFoundException - if this appRoleName itself does not exist
- PolicyObjectAlreadyExistsException - if this principal is already a member of this app role
- PolicyStoreException - if there is an error during this operation
- java.lang.NullPointerException - if the application name is empty or principal is null.

void addPrincipalToAppRole(PrincipalEntry principalEntry, java.lang.String appRoleName) throws PolicyObjectNotFoundException, PolicyObjectAlreadyExistsException, PolicyStoreException
Use this method when it is not possible to create a Principal representation of the principalEntry. Typically, this may arise if the Java class that implements the principalEntry is not in the current Class Path. For well known JpsPrincipal types, you must use the other version of this API that takes the Principal parameter.
Based on the algorithm in JpsAuth, this checks for PolicyStoreAccessPermission("context=APPLICATION,name=Application's Stripe id", "addPrincipalToAppRole"). This may result in an AccessControlException or SecurityException.
- principalEntry - the principal to add
- appRoleName - the app role
- PolicyObjectNotFoundException - if this appRoleName itself does not exist
- PolicyObjectAlreadyExistsException - if this principal is already a member of this app role
- PolicyStoreException - if there is an error during this operation
- java.lang.NullPointerException - if the application name is empty or principal is null.
If either the Principal class name or the Principal name is null (or an empty String) in the PrincipalEntry, then the principalEntry is considered to be null.
void removePrincipalFromAppRole(java.security.Principal principal, java.lang.String appRoleName) throws PolicyObjectNotFoundException, PolicyStoreException
Based on the algorithm in JpsAuth, this checks for PolicyStoreAccessPermission("context=APPLICATION,name=Application's Stripe id", "removePrincipalFromAppRole"). This may result in an AccessControlException or SecurityException.
- principal - the principal to be removed
- appRoleName - the app role name
- PolicyObjectNotFoundException - if this principal does not exist in this appRoleName
- PolicyStoreException - if there is an error during this operation
- java.lang.NullPointerException - if the application name is empty or principal is null.

void removePrincipalFromAppRole(PrincipalEntry principalEntry, java.lang.String appRoleName) throws PolicyObjectNotFoundException, PolicyStoreException
Use this method when it is not possible to create a Principal representation of the principalEntry. Typically, this may arise if the Java class that implements the principalEntry is not in the current Class Path. For well known JpsPrincipal types, you must use the other version of this API that takes the Principal parameter.
Based on the algorithm in JpsAuth, this checks for PolicyStoreAccessPermission("context=APPLICATION,name=Application's Stripe id", "removePrincipalFromAppRole"). This may result in an AccessControlException or SecurityException.
- principalEntry - the principal to be removed
- appRoleName - the app role name
- PolicyObjectNotFoundException - if this principal does not exist in this appRoleName
- PolicyStoreException - if there is an error during this operation
- java.lang.NullPointerException - if the application name is empty or principalEntry is null.
If either the Principal class name or the Principal name is null (or an empty String) in the PrincipalEntry, then the principalEntry is considered to be null.
java.util.List getAllAppRoleEntries() throws PolicyStoreException
- PolicyStoreException - if there is an error during this operation

java.util.List getAllGrantedAppRoleEntries(java.security.Principal principal) throws PolicyStoreException
- principal - the principal to find the granted app role for
- PolicyStoreException - if there is an error during this operation

java.util.List getGrantedAppRoles(java.security.Principal principal) throws PolicyStoreException
- principal - the principal to find the granted app role for
- PolicyStoreException - if there is an error during this operation

java.util.List getAllGrantedAppRoles(java.security.Principal principal) throws PolicyStoreException
- principal - the principal to find the granted app role for
- PolicyStoreException - if there is an error during this operation

java.util.List searchAppRoles(java.lang.String appRoleName) throws PolicyStoreException
- appRoleName - This is the value for the above attribute. The value can be a regular expression. The Regular Expression supports the '*' wildcard character. An example would be 'app*Role'.
- PolicyStoreException - if there is an underlying provider error.
- java.lang.NullPointerException - if the application name is empty.

java.util.List searchAppRoles(java.lang.String roleAttrName, java.lang.String roleAttrNameVal, boolean inequality) throws PolicyStoreException
- roleAttrName - Role attribute name to search by. Attribute name is case-insensitive.
- roleAttrNameVal - This is the value for the above attribute. The value can be a regular expression. The wild card character '*' is supported. An example would be 'user*defined*value'. Attribute values are case-sensitive.
- inequality - boolean value.
roleAttrName whose value is not equal to the roleAttrNameVal are returned.
roleAttrName whose value is equal to the roleAttrNameVal are returned.
- PolicyStoreException - if there is an underlying provider error.
- java.lang.IllegalArgumentException - if the roleAttrName is null, or the roleAttrNameVal is not a valid regular expression.
for a list of valid attributes.

java.util.List getAppRolesMembers(java.lang.String appRoleName) throws PolicyObjectNotFoundException, PolicyStoreException
- appRoleName - the application role name
- PolicyObjectNotFoundException - if this appRoleName does not exist in policy store
- PolicyStoreException - if there is an error during this operation
- java.lang.NullPointerException - if the application name is empty.

java.util.List getAllAppRoles() throws PolicyStoreException
- PolicyStoreException - if there is an error during this operation

void alterAppRole(java.lang.String appRoleName, java.lang.String newDescription, java.lang.String newDisplayName) throws PolicyObjectNotFoundException, PolicyStoreException
Based on the algorithm in JpsAuth, this checks for PolicyStoreAccessPermission("context=APPLICATION,name=Application's Stripe id", "alterAppRole"). This may result in an AccessControlException or SecurityException.
- appRoleName - the app role name
- newDescription - new description of the app role
- newDisplayName - new display name of the app role
- PolicyObjectNotFoundException - if this app role does not exist in policy store
- PolicyStoreException - if there is an error during this operation
- java.lang.NullPointerException - if the application name is empty.

void alterAppRoleCategory(java.lang.String appRoleName, java.lang.String newCategory) throws PolicyObjectNotFoundException, PolicyStoreException
Based on the algorithm in JpsAuth, this checks for PolicyStoreAccessPermission("context=APPLICATION,name=Application's Stripe id", "alterAppRole"). This may result in an AccessControlException or SecurityException.
- appRoleName - the app role name
- newCategory - new category of the app role
- PolicyObjectNotFoundException - if this app role does not exist in policy store
- PolicyStoreException - if there is an error during this operation
- java.lang.NullPointerException - if the application name is empty.

java.lang.String getApplicationName()
java.lang.String getApplicationUniqueName()
java.lang.String getApplicationDisplayName()
java.lang.String getApplicationDescription()
void setVersion(java.lang.String version)
PolicyStore.modifyApplicationPolicy(ApplicationPolicy)
To prevent multiple threads from updating the version concurrently in the store for the same application, the method PolicyStore.modifyApplicationPolicy(ApplicationPolicy) should be called immediately after this method.

java.lang.String getVersion()
EntityManager getEntityManager(java.lang.Class klass)
- klass - the interface class that extends an EntityManager
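
Each role-management method above checks PolicyStoreAccessPermission with the application's stripe id in the permission name and the method name as the action. The following system policy fragment is an added example, not part of the Oracle reference: it shows an over-broad codesource grant next to one scoped to a single stripe and the two actions a role-provisioning component calls. The stripe name `MyApp` and the codesource URL are placeholders.

```xml
<!-- Added example: jazn-policy section of a system policy file
     (system-jazn-data.xml). "MyApp" and the codesource URL are placeholders. -->
<jazn-policy>

  <!-- BEFORE (too broad): the code may call every checked method,
       including removeAppRole and alterAppRole, on every application stripe. -->
  <grant>
    <grantee>
      <codesource>
        <url>file:/path/to/placeholder/role-provisioning.jar</url>
      </codesource>
    </grantee>
    <permissions>
      <permission>
        <class>oracle.security.jps.service.policystore.PolicyStoreAccessPermission</class>
        <name>context=APPLICATION,name=*</name>
        <actions>*</actions>
      </permission>
    </permissions>
  </grant>

  <!-- AFTER (scoped): one stripe, one permission entry per action that the
       component actually invokes. Calls to removeAppRole, alterAppRole or
       removePrincipalFromAppRole from this code fail the permission check
       with an AccessControlException or SecurityException. -->
  <grant>
    <grantee>
      <codesource>
        <url>file:/path/to/placeholder/role-provisioning.jar</url>
      </codesource>
    </grantee>
    <permissions>
      <permission>
        <class>oracle.security.jps.service.policystore.PolicyStoreAccessPermission</class>
        <name>context=APPLICATION,name=MyApp</name>
        <actions>createAppRole</actions>
      </permission>
      <permission>
        <class>oracle.security.jps.service.policystore.PolicyStoreAccessPermission</class>
        <name>context=APPLICATION,name=MyApp</name>
        <actions>addPrincipalToAppRole</actions>
      </permission>
    </permissions>
  </grant>

</jazn-policy>
```

Only one of the two grants belongs in a deployed policy file; they are shown together for comparison.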