Sun Java System Access Manager 2005Q4 API: Class PolicyEvaluator

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.sun.identity.policy.client
Class PolicyEvaluator

java.lang.Object
  |
  +--com.sun.identity.policy.client.PolicyEvaluator

public class PolicyEvaluator
extends java.lang.Object

Ths class evaluates policies and provides policy decisions. This is a remote policy evaluator. It is usually used when the caller does not have direct access to the directory server of the Access Manager. This API uses XML/HTTP protocol to communicate with the Policy Framework on the Access Manager. The API has the capability of caching the policy decisions. The cache is updated through policy change notifications and/or polling.

Constructor Summary

PolicyEvaluator(java.lang.String serviceName)
          Creates an instance of remote policy evaluator object

Method Summary

PolicyDecision getPolicyDecision(SSOToken token, java.lang.String resourceName, java.util.Set actionNames, java.util.Map envParameters)
          Evaluates privileges of the user to perform the specified actions the the specified resource.

boolean isAllowed(SSOToken token, java.lang.String resourceName, java.lang.String actionName, java.util.Map envParameters)
          Evaluates simple privileges of boolean type.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

PolicyEvaluator

public PolicyEvaluator(java.lang.String serviceName)
                throws PolicyException,
                       SSOException

Creates an instance of remote policy evaluator object

Parameters:: serviceName - name of the service for which to create policy evaluator
Throws:: PolicyException - if required properties cannot be retrieved.; SSOException - if application single sign on token is invalid.

Method Detail

isAllowed

public boolean isAllowed(SSOToken token,
                         java.lang.String resourceName,
                         java.lang.String actionName,
                         java.util.Map envParameters)
                  throws PolicyException,
                         SSOException

Evaluates simple privileges of boolean type. The privilege indicates if the user can perform specified action on the specified resource. The evaluation depends on user's application environment parameters.

Parameters:: token - single sign on token of the user evaluating policies.; resourceName - name of the resource the user is trying to access; actionName - name of the action the user is trying to perform on the resource; envParameters - run time environment parameters
Returns:: the result of the evaluation as a boolean value
Throws:: PolicyException - if result could not be computed for reason other than single sign on token problem.; SSOException - if single sign on token is invalid or expired

getPolicyDecision

public PolicyDecision getPolicyDecision(SSOToken token,
                                        java.lang.String resourceName,
                                        java.util.Set actionNames,
                                        java.util.Map envParameters)
                                 throws PolicyException,
                                        SSOException

Evaluates privileges of the user to perform the specified actions the the specified resource. The evaluation also depends on user's run time environment parameters.

Parameters:: token - single sign on token of the user evaluating policies.; resourceName - name of the resource the user is trying to access; actionNames - Set of action names the user is trying to perform on the resource.; envParameters - run-time environment parameters
Returns:: policy decision
Throws:: PolicyException - if result could not be computed for any reason other than single sign on token problem.; SSOException - if single sign on token is invalid or expired.