com.bea.p13n.entitlements.management
Class SecurityPolicyManager

java.lang.Object
  extended by com.bea.p13n.entitlements.management.SecurityPolicyManager


public class SecurityPolicyManager
extends Object

Provides access to methods for performing security policy management including create, read, modify, and delete actions.


Constructor Summary
SecurityPolicyManager()
           

 

Method Summary
static void createSecurityPolicy(SecurityPolicyItem aSecurityPolicyItem)
          Creates a new security policy.
static SecurityPolicyItem getSecurityPolicy(SecurityPolicyItem aSecurityPolicyItem)
          Retrieves an existing security policy.
static List<RolePolicyItem> getSecurityPolicyRoleItems(SecurityPolicyItem aSecurityPolicyItem)
          Returns a list of role policy items that a given security policy is predicated upon.
static Object[][] listPoliciesForResource(P13nResource aSecurityResource)
          Finds all available security policies given a policy item (resourceId).
static Object[][] listPoliciesForResource(SecurityPolicyItem aSecurityPolicyItem)
          Finds all available security policies given a policy item (resourceId).
static boolean policyExists(SecurityPolicyItem aSecurityPolicyItem)
          Checks if a security policy exists for a given resource.
static void removeAllSecurityPolicies(String anEntAppName, String aWebAppName, P13nContextHandler aContextHandler)
          Removes all existing security policies and role policies for a given web application.
static void removeAllSecurityPolicies(String anEntAppName, String aWebAppName, String aRoleName, int aPolicyUser, P13nContextHandler aContextHandler)
          Removes all existing security policies and the role policy for a given enterprise application and web application.
static void removePoliciesOnResourceSubString(String aResourceIdSubString, String aWebAppName, boolean onResourceIdRoot, int thePolicyUser, P13nContextHandler aP13nContextHandler)
          Removes a list of security policies in which the resource id begins with the input resource string.
static void removeSecurityPolicy(SecurityPolicyItem aSecurityPolicyItem)
          Removes an existing security policy.
static void setSecurityPolicy(SecurityPolicyItem aSecurityPolicyItem)
          Updates an existing security policy.

 

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

 

Constructor Detail

SecurityPolicyManager

public SecurityPolicyManager()

Method Detail

createSecurityPolicy

public static void createSecurityPolicy(SecurityPolicyItem aSecurityPolicyItem)
                                 throws com.bea.p13n.entitlements.common.PolicyExistsException,
                                        com.bea.p13n.entitlements.common.PolicyCreateException
Creates a new security policy. A security policy may be predicated on one or more user ids, user group names, and/or role names. Before trying to persist a new security policy, this method checks the SecurityPolicyItem to ensure all mandatory fields have been initialized. Mandatory fields are: 1) anEntAppName, aWebAppName, aResourceId, 2) (at least one of) aUserList, aGroupList, aRoleList, 3) aCapability.
Parameters
aSecurityPolicyItem - The object containing the required and optional security policy attributes
Throws
InvalidArgsException
com.bea.p13n.entitlements.common.PolicyExistsException
com.bea.p13n.entitlements.common.PolicyCreateException

getSecurityPolicy

public static SecurityPolicyItem getSecurityPolicy(SecurityPolicyItem aSecurityPolicyItem)
Retrieves an existing security policy. Before trying to retrieve the security policy, this method checks the SecurityPolicyItem to ensure all mandatory fields have been initialized. Mandatory fields are: anEntAppName, aWebAppName, aResourceId, and aCapability, if a policy contains one.

The returned SecurityPolicyItem may be used to hold local updates to user list, group list, and role list changes prior to persisting the changes using the setSecurityPolicy() method.

Parameters
aSecurityPolicyItem - The object containing the required and optional security policy attributes
Returns
SecurityPolicyItem or null, if none exists
Throws
InvalidArgsException

setSecurityPolicy

public static void setSecurityPolicy(SecurityPolicyItem aSecurityPolicyItem)
                              throws com.bea.p13n.entitlements.common.PolicyNotFoundException,
                                     com.bea.p13n.entitlements.common.PolicyCreateException
Updates an existing security policy. Before trying to update the security policy, this method checks the SecurityPolicyItem to ensure all mandatory fields have been initialized. Mandatory fields are: 1) anEntAppName, aWebAppName, aResourceId, 2) (at least one of) aUserList, aGroupList, aRoleList.

Note that if the aSecurityPolicyItem instance was retrieved using getSecurityPolicy(), all mandatory fields will already be initialized. The only fields that are updateable in the persisted security policy are the aUserList, aGroupList, and aRoleList.

Parameters
aSecurityPolicyItem - The object containing the required and optional security policy attributes
Throws
InvalidArgsException
com.bea.p13n.entitlements.common.PolicyNotFoundException
com.bea.p13n.entitlements.common.PolicyCreateException

removeSecurityPolicy

public static void removeSecurityPolicy(SecurityPolicyItem aSecurityPolicyItem)
                                 throws com.bea.p13n.entitlements.common.PolicyNotFoundException,
                                        com.bea.p13n.entitlements.common.PolicyRemoveException
Removes an existing security policy. Before trying to remove the security policy, this method checks the SecurityPolicyItem to ensure all mandatory fields have been initialized. Mandatory fields are: anEntAppName, aWebAppName, aResourceId.
Parameters
aSecurityPolicyItem - The object containing the required security policy attributes
Throws
InvalidArgsException
com.bea.p13n.entitlements.common.PolicyNotFoundException
com.bea.p13n.entitlements.common.PolicyRemoveException

removeAllSecurityPolicies

public static void removeAllSecurityPolicies(String anEntAppName,
                                             String aWebAppName,
                                             P13nContextHandler aContextHandler)
                                      throws com.bea.p13n.entitlements.common.EntitlementsException
Removes all existing security policies and role policies for a given web application. Before trying to remove the security policies, this method checks the SecurityPolicyItem to ensure all mandatory fields have been initialized. Mandatory fields are: anEntAppName, aWebAppName, aResourceId.
Parameters
anEntAppName - Enterprise Application name
aWebAppName - Webapp name. Unused for Global role inheritance
Throws
com.bea.p13n.entitlements.common.EntitlementsException

removeAllSecurityPolicies

public static void removeAllSecurityPolicies(String anEntAppName,
                                             String aWebAppName,
                                             String aRoleName,
                                             int aPolicyUser,
                                             P13nContextHandler aContextHandler)
                                      throws com.bea.p13n.entitlements.common.EntitlementsException
Removes all existing security policies and the role policy for a given enterprise application and web application. Note that any security policy predicated on additional roles (besides aRoleName) will be removed using this method.
Parameters
anEntAppName - Enterprise Application name
aWebAppName - Webapp name. Unused for Global role inheritance
aRoleName - If non-null, only removes policies predicated on the given role
aPolicyUser - EntitlementConstants.P13N_ADMIN_POLICY/P13N_VISITOR_POLICY
aContextHandler - a handler containing caller's context
Throws
com.bea.p13n.entitlements.common.EntitlementsException

policyExists

public static boolean policyExists(SecurityPolicyItem aSecurityPolicyItem)
Checks if a security policy exists for a given resource.
Parameters
aSecurityPolicyItem - The object containing the required
Returns
True if policy exists, otherwise false

listPoliciesForResource

public static Object[][] listPoliciesForResource(SecurityPolicyItem aSecurityPolicyItem)
Finds all available security policies given a policy item (resourceId). Instead of just returning security policies associated at the resource Id (leaf) node, this method may be used to get a full list of security policies associated with the resource taxonomy.
Parameters
aSecurityPolicyItem - The object containing the required and optional security policy attributes
Returns
A 2D array of all the security policies that have been persisted against the given resource id and those also inherited by the resource given its taxonomy. The zeroth element [i][0] contains the P13nResource where the SecurityPolicyItems (elements [i][1..n]) were found.

listPoliciesForResource

public static Object[][] listPoliciesForResource(P13nResource aSecurityResource)
Finds all available security policies given a policy item (resourceId). Instead of just returning security policies associated at the resource Id (leaf) node, this method may be used to get a full list of security policies associated with the resource taxonomy.
Parameters
aSecurityResource - The object containing the required and optional security policy attributes
Returns
A 2D array of all the security policies that have been persisted against the given resource id and those also inherited by the resource given its taxonomy. The zeroth element [i][0] contains the P13nResource where the SecurityPolicyItems (elements [i][1..n]) were found.
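
The row layout returned by both listPoliciesForResource overloads can be turned into an access-review report that shows which resource in the taxonomy each policy comes from. The following is an added example, not part of the original API documentation: the class name, the helper groupByResource, and the sample rows are hypothetical, and plain strings stand in for P13nResource and SecurityPolicyItem so that it runs without the portal libraries.

```java
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

public class PolicyInheritanceReport {

    /**
     * Groups rows shaped like the documented return value:
     * row[0] is the resource where the policies were found,
     * row[1..n] are the policies persisted on that resource.
     */
    static Map<Object, List<Object>> groupByResource(Object[][] rows) {
        Map<Object, List<Object>> report = new LinkedHashMap<>();
        if (rows == null) {
            return report; // assumption: a null result is treated as "no policies"
        }
        for (Object[] row : rows) {
            if (row == null || row.length == 0 || row[0] == null) {
                continue; // malformed row: no resource to attribute policies to
            }
            List<Object> policies =
                report.computeIfAbsent(row[0], k -> new ArrayList<>());
            for (int j = 1; j < row.length; j++) {
                if (row[j] != null) {
                    policies.add(row[j]);
                }
            }
        }
        return report;
    }

    public static void main(String[] args) {
        // Constructed sample data; strings stand in for the real
        // P13nResource (column 0) and SecurityPolicyItem (columns 1..n).
        Object[][] rows = {
            {"resource-leaf", "policy-A"},
            {"resource-parent", "policy-B", "policy-C"},
            {"resource-root"} // ancestor with no policies of its own
        };
        groupByResource(rows).forEach((resource, policies) ->
            System.out.println(resource + " -> " + policies));
    }
}
```

In a portal application the argument would be the array returned by SecurityPolicyManager.listPoliciesForResource(...), and any policy listed under a resource other than the one queried is an inherited grant worth checking before delegating administration of that resource.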

removePoliciesOnResourceSubString

public static void removePoliciesOnResourceSubString(String aResourceIdSubString,
                                                     String aWebAppName,
                                                     boolean onResourceIdRoot,
                                                     int thePolicyUser,
                                                     P13nContextHandler aP13nContextHandler)
                                              throws com.bea.p13n.entitlements.common.EntitlementsException
Removes a list of security policies in which the resource id begins with the input resource string.
Parameters
aResourceIdSubString - The root substring to look for. This string must be delimited according to EntitlementConstants.RESOURCE_ID_DELIMITER
onResourceIdRoot - If true, a match must be on beginning of resource id only
thePolicyUser - EntitlementConstants.P13N_ADMIN_POLICY/P13N_VISITOR_POLICY
aP13nContextHandler - The context describing the current user
Throws
com.bea.p13n.entitlements.common.EntitlementsException

getSecurityPolicyRoleItems

public static List<RolePolicyItem> getSecurityPolicyRoleItems(SecurityPolicyItem aSecurityPolicyItem)
                                                       throws com.bea.p13n.entitlements.common.PolicyException
Returns a list of role policy items that a given security policy is predicated upon.
Parameters
aSecurityPolicyItem - an existing security policy with role predicates
Returns
List of RolePolicyItem objects
Throws
com.bea.p13n.entitlements.common.PolicyException

Copyright © 2010, Oracle. All rights reserved.