oracle.adf.share.security.authorization
Class PolicyInspector

java.lang.Object
  oracle.adf.share.security.authorization.PolicyInspector

public final class PolicyInspector
extends java.lang.Object

Internal: Applications should not use this class. Provides management API to Java security policy. Deals with the assignment of permissions or privileges to Principals (which can be user or role Principals or any valid Principal).

The policy inspector delegates the requests to the concrete implementation of the PolicyInspection service provider interface. The following class relationship shows how the PolicyInspector delegates to a concrete service provider that is based on an XML file based policy.

    PolicyInspector ----> PolicyInspection (spi)
                               ^
                               |
                               |
                       XMLFilePolicyInspector (service provider example)
 
 

Granting/Revoking Policies

In order for a grant/revocation to succeed, the grantor/revoker (represented by the current Subject) must have the relevant permissions granted to him/her. This API also defines methods that change the persistent state of the policy store (e.g. grant/revoke methods).

Constructor Summary

PolicyInspector()
Internal: Applications should not use this method. Default constructor that creates the default PolicyInspection provider.

PolicyInspector(java.lang.Class providerClassname)
Internal: Applications should not use this method. Constructs policy inspector and instantionates the provider class based on the supplied classname.

PolicyInspector(PolicyInspection inspection)
Internal: Applications should not use this method.

Method Summary

boolean	addPermissionClassDescriptor(oracle.adf.share.security.authorization.PermissionClassDescriptor permClassDescriptor) Internal: Applications should not use this method. Retrieves the list of explicit policy entries for the specified resource id.
void	addPolicyStatement(PolicyStatement policyStatement) Internal: Applications should not use this method. Adds a Policy statement to the security Policy.
oracle.adf.share.security.authorization.PermissionClassDescriptor	getPermissionClassDescriptor(java.lang.Class permClass) Internal: Applications should not use this method. Returns specified permission class descriptor.
oracle.adf.share.security.authorization.PermissionClassDescriptor[]	getPermissionClassDescriptors() Internal: Applications should not use this method. Returns all the managed permission class descriptors.
PolicyStatement[]	getPolicyStatements(java.security.Principal principal, java.lang.Class[] permissionClasses) Internal: Applications should not use this method. Retrieves the list of explicit policy entries for the specified Principal.
PolicyStatement[]	getPolicyStatements(java.lang.String resourceId, java.lang.Class permissionClass) Internal: Applications should not use this method. Retrieves the list of explicit policy entries for the specified resource id.
void	refresh(boolean save) Internal: Applications should not use this method. Refresh the policy provider
boolean	removePermissionClassDescriptor(java.lang.Class permClass) Internal: Applications should not use this method. Unregisters an existing permission class from the system.
void	removePolicyStatement(PolicyStatement policyStatement) Internal: Applications should not use this method. Adds a Policy statement to the security Policy.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

PolicyInspector

public PolicyInspector()

Internal: Applications should not use this method. Default constructor that creates the default PolicyInspection provider. Reads the configuration to determine the default PolicyInspection provider class

PolicyInspector

public PolicyInspector(java.lang.Class providerClassname)

Internal: Applications should not use this method. Constructs policy inspector and instantionates the provider class based on the supplied classname.

Parameters:

providerClassname - the PolicyInspection provider class to instantiate.

PolicyInspector

public PolicyInspector(PolicyInspection inspection)

Internal: Applications should not use this method.

Parameters:

provider - a PolicyInspection instance.

Method Detail

addPolicyStatement

public void addPolicyStatement(PolicyStatement policyStatement)

Internal: Applications should not use this method. Adds a Policy statement to the security Policy.

Parameters:

policyStatement - the PolicyStatement to be added to the Policy.

removePolicyStatement

public void removePolicyStatement(PolicyStatement policyStatement)

Internal: Applications should not use this method. Adds a Policy statement to the security Policy.

Parameters:

policyStatement - the PolicyStatement to be added to the Policy.

getPolicyStatements

public PolicyStatement[] getPolicyStatements(java.security.Principal principal,
                                             java.lang.Class[] permissionClasses)

Internal: Applications should not use this method. Retrieves the list of explicit policy entries for the specified Principal.

Parameters:

principal - the Principal for whom the Policy entries are to be retrieved.

permissionClasses - the Permission classes to restrict the return resultset with.

Returns:

PolicyStatement[] the PolicyStatements given to the specified Principal.

getPolicyStatements

public PolicyStatement[] getPolicyStatements(java.lang.String resourceId,
                                             java.lang.Class permissionClass)

Internal: Applications should not use this method. Retrieves the list of explicit policy entries for the specified resource id.

Parameters:

resourceId - the target resource for which the policy statements are to be retrieved.

permissionClass - the permission class of the policy statement.

Returns:

PolicyStatement[] the PolicyStatements given to the specified Principal.

getPermissionClassDescriptors

public oracle.adf.share.security.authorization.PermissionClassDescriptor[] getPermissionClassDescriptors()

Internal: Applications should not use this method. Returns all the managed permission class descriptors.

Returns:

PermissionClassDescriptor[] an array containing all the managed permission class descriptors.

addPermissionClassDescriptor

public boolean addPermissionClassDescriptor(oracle.adf.share.security.authorization.PermissionClassDescriptor permClassDescriptor)

Internal: Applications should not use this method. Retrieves the list of explicit policy entries for the specified resource id.

Parameters:

permClassDescriptor - the permission class descriptor for the permission.

Returns:

boolean true if this collection changed as a result of the call.

removePermissionClassDescriptor

public boolean removePermissionClassDescriptor(java.lang.Class permClass)

Internal: Applications should not use this method. Unregisters an existing permission class from the system.

Parameters:

permClass - the class of the permission. return boolean true if this list contained the specified element.

getPermissionClassDescriptor

public oracle.adf.share.security.authorization.PermissionClassDescriptor getPermissionClassDescriptor(java.lang.Class permClass)

Internal: Applications should not use this method. Returns specified permission class descriptor.

Parameters:

permClass - the permission class.

Returns:

PermissionClassDescriptor the PermissionClassDescriptor assocaiated with this permission class.

refresh

public void refresh(boolean save)

Internal: Applications should not use this method. Refresh the policy provider

Parameters:

save - save changes