com.sun.identity.policy.client
Class PolicyEvaluator

java.lang.Object
  extended by com.sun.identity.policy.client.PolicyEvaluator

public class PolicyEvaluator
extends Object

This class provides methods for clients of the Policy Service to get policy decisions. It uses the XML/HTTP protocol to communicate with the Policy Service. The policy client API implementation caches policy decisions locally. The cache is updated through policy change notifications and/or polling.


Constructor Summary
PolicyEvaluator(String serviceName)
          Creates an instance of client policy evaluator
 
Method Summary
 PolicyDecision getPolicyDecision(SSOToken token, String resourceName, Set actionNames, Map envParameters)
          Evaluates privileges of the user to perform the specified actions on the specified resource.
 boolean isAllowed(SSOToken token, String resourceName, String actionName, Map envParameters)
          Evaluates simple privileges of boolean type.
 

Constructor Detail

PolicyEvaluator

public PolicyEvaluator(String serviceName)
                throws PolicyException,
                       SSOException
Creates an instance of client policy evaluator

Parameters:
serviceName - name of the service for which to create policy evaluator
Throws:
PolicyException - if required properties cannot be retrieved.
SSOException - if application single sign on token is invalid.
Method Detail

isAllowed

public boolean isAllowed(SSOToken token,
                         String resourceName,
                         String actionName,
                         Map envParameters)
                  throws PolicyException,
                         SSOException
Evaluates simple privileges of boolean type. The privilege indicates whether the user can perform the specified action on the specified resource. The evaluation also depends on the user's application environment parameters.

Parameters:
token - single sign on token of the user evaluating policies.
resourceName - name of the resource the user is trying to access
actionName - name of the action the user is trying to perform on the resource
envParameters - run-time environment parameters
Returns:
the result of the evaluation as a boolean value
Throws:
PolicyException - if the result could not be computed for any reason other than a single sign on token problem.
SSOException - if single sign on token is not valid

getPolicyDecision

public PolicyDecision getPolicyDecision(SSOToken token,
                                        String resourceName,
                                        Set actionNames,
                                        Map envParameters)
                                 throws PolicyException,
                                        SSOException
Evaluates privileges of the user to perform the specified actions on the specified resource. The evaluation also depends on the user's run-time environment parameters.

Parameters:
token - single sign on token of the user evaluating policies.
resourceName - name of the resource the user is trying to access
actionNames - Set of action names the user is trying to perform on the resource.
envParameters - run-time environment parameters
Returns:
policy decision
Throws:
PolicyException - if the result could not be computed for any reason other than a single sign on token problem.
SSOException - if single sign on token is invalid or expired.
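The following added example (not part of this API documentation or of the SDK) wraps isAllowed in a deny-by-default gate, so that neither of the two documented exceptions can ever be read as a grant. The names FailClosedPolicyGate and Outcome are hypothetical; the code assumes the SDK that ships these classes is on the classpath and configured, and that SSOToken and SSOException come from the com.iplanet.sso package and PolicyException from com.sun.identity.policy.

```java
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.policy.PolicyException;
import com.sun.identity.policy.client.PolicyEvaluator;

import java.util.HashMap;
import java.util.Map;

/** Hypothetical wrapper, not an SDK class: only an explicit "true" from isAllowed grants access. */
public final class FailClosedPolicyGate {

    /** Outcomes are kept distinct so callers can log and react to each case separately. */
    public enum Outcome { ALLOW, DENY, SESSION_INVALID, EVALUATION_ERROR }

    private final PolicyEvaluator evaluator;

    public FailClosedPolicyGate(String serviceName) throws PolicyException, SSOException {
        // Construction failures propagate: without an evaluator nothing can be authorized.
        this.evaluator = new PolicyEvaluator(serviceName);
    }

    public Outcome check(SSOToken token, String resourceName, String actionName, Map envParameters) {
        // Missing inputs are a denial, never a reason to skip the policy check.
        if (token == null || resourceName == null || actionName == null) {
            return Outcome.DENY;
        }
        // Pass a fresh mutable map when the caller supplies no environment parameters.
        Map env = (envParameters != null) ? envParameters : new HashMap();
        try {
            return evaluator.isAllowed(token, resourceName, actionName, env)
                    ? Outcome.ALLOW : Outcome.DENY;
        } catch (SSOException e) {
            // Single sign on token is not valid: deny and have the user re-authenticate.
            return Outcome.SESSION_INVALID;
        } catch (PolicyException e) {
            // The result could not be computed: deny and alert, do not fall back to allow.
            return Outcome.EVALUATION_ERROR;
        }
    }

    /** Convenience form for call sites that only need a yes/no answer. */
    public boolean isPermitted(SSOToken token, String resourceName, String actionName, Map envParameters) {
        return check(token, resourceName, actionName, envParameters) == Outcome.ALLOW;
    }
}
```

Because decisions are cached locally and refreshed by notification and/or polling, a policy change may take effect only after the next cache update; logging each Outcome with the resource and action names makes that window visible when reviewing access decisions.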