am_policy_evaluate_ignore_url_notenforced() (Sun Java System Access Manager 7.1 C API Reference)

Sun Java System Access Manager 7.1 C API Reference

`am_policy_evaluate_ignore_url_notenforced()`

Evaluates a policy for a given request and returns a non-boolean result.

Details

am_policy_evaluate_ignore_url_notenforced() will evaluate a policy for the specified URL only if the URL does not appear on the not-enforced list defined in AMAgent.properties.

Note –

See Sun Java System Access Manager Policy Agent 2.2 User’s Guide for more information.

Syntax

#include "am_policy.h"
AM_EXPORT am_status_t
am_policy_evaluate_ignore_url_notenforced(am_policy_t policy_handle,
                                          const char *sso_token,
                                          const char *resource_name,
                                          const char *action_name,
                                          const am_map_t env_parameter_map,
                                          am_map_t policy_response_map_ptr,
                                          am_policy_result_t *policy_result,
                                          am_bool_t ignorePolicyResult),
                                          char **am_revision_number;

Parameters

This function takes the following parameters:

policy_handle

Integer specifying the object being evaluated.

sso_token

Pointer to the session token (SSOTokenID) of the authenticated user.

Note –

The Access Manager Session Service creates a session data structure (also known as an SSOToken) that stores information such as login time, authentication scheme, and authentication level. It also generates a session token (also known as an SSOTokenID, a randomly-generated string that identifies an instance of an SSOToken.

resource_name

Pointer to the name of the resource being requested.

action_name

Pointer to the action requested.

Note –

An action is the operation to be performed on the resource. Web server actions are POST and GET. An allowable action for a human resources service , for example, can change a home telephone number.

env_parameter_map

Map object which contains environment variables (IP address, host name, etc.) used for evaluation by the Policy Service.

Note –

See am_map_t for more information.

policy_response_map_ptr

Pointer to a map object which contains all the profile, session and response attributes fetched.

Note –

This must be enabled in AMAgent.properties. See am_policy_result_t for information on how this is done. See am_map_t for more information on map objects.

policy_result

Pointer to the am_policy_result_t type to store the result.

Note –

See am_policy_result_t for more information.

ignorePolicyResult

Based on the am_bool_t defined in the <am_types.h> header file, AM_TRUE indicates that policy evaluation will not be done for the URL.

am_revision_number

Takes a value equal to the version of the instance of Access Manager with which the SDK is communicating. When communicating with Access Manager 7.0, the value will be 7.0, otherwise 6.3. It can also be set to NULL.

Returns

This function returns one of the following values of the am_status_t enumeration (defined in the <am_types.h> header file):

AM_SUCCESS: If the call was successful.
AM_*: If any error occurs, the type of error indicated by the status value.

Memory Concerns

After using the results the caller must call am_policy_result_destroy() on policy_result to cleanup the allocated memory. Also, am_map_destroy() must be called on policy_response_map_ptr and env_parameter_map after their respective usage.