com.sun.identity.policy.client
Class PolicyEvaluator

java.lang.Object
  |
  +--com.sun.identity.policy.client.PolicyEvaluator

public class PolicyEvaluator
extends java.lang.Object

The class PolicyEvaluator evaluates policies and provides policy decisions. This is a remote policy evaluator, typically used when the caller does not have direct access to the directory server of the Identity Server. The API communicates with the Policy Framework on the Identity Server over XML/HTTP and can cache policy decisions. The cache is updated through policy change notifications and polling.


Constructor Summary
PolicyEvaluator(java.lang.String serviceName)
          Creates an instance of remote policy evaluator object
 
Method Summary
 PolicyDecision getPolicyDecision(SSOToken token, java.lang.String resourceName, java.util.Set actionNames, java.util.Map envParameters)
          Evaluates privileges of the user to perform the specified actions on the specified resource.
 boolean isAllowed(SSOToken token, java.lang.String resourceName, java.lang.String actionName, java.util.Map envParameters)
          Evaluates simple privileges of boolean type.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

PolicyEvaluator

public PolicyEvaluator(java.lang.String serviceName)
                throws PolicyException,
                       SSOException
Creates an instance of remote policy evaluator object
Parameters:
serviceName - policy service name
Throws:
PolicyException - if required properties cannot be retrieved.
SSOException - if the application single sign-on token is invalid

Method Detail

isAllowed

public boolean isAllowed(SSOToken token,
                         java.lang.String resourceName,
                         java.lang.String actionName,
                         java.util.Map envParameters)
                  throws PolicyException,
                         SSOException
Evaluates simple privileges of boolean type. The privilege indicates whether the user can perform the specified action on the specified resource. The evaluation depends on the user's application environment parameters.
Parameters:
token - single sign on token of the user evaluating policies.
resourceName - name of the resource the user is trying to access
actionName - name of the action the user is trying to perform on the resource
envParameters - run-time environment parameters
Returns:
the result of the evaluation as a boolean value
Throws:
PolicyException - if the result could not be computed for any reason other than a single sign-on token problem.
SSOException - if single sign on token is invalid or expired

getPolicyDecision

public PolicyDecision getPolicyDecision(SSOToken token,
                                        java.lang.String resourceName,
                                        java.util.Set actionNames,
                                        java.util.Map envParameters)
                                 throws PolicyException,
                                        SSOException
Evaluates privileges of the user to perform the specified actions on the specified resource. The evaluation depends on the user's application environment parameters.
Parameters:
token - single sign on token of the user evaluating policies.
resourceName - name of the resource the user is trying to access.
actionNames - Set of action names the user is trying to perform on the resource.
envParameters - run-time environment parameters
Returns:
policy decision
Throws:
PolicyException - if result could not be computed for any reason other than single sign on token problem.
SSOException - if single sign on token is invalid or expired.
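
The following is an added example, not code from the Identity Server SDK or its documentation: a fail-closed wrapper around isAllowed that turns each documented exception into a distinct non-allow outcome, so an invalid token or an unreachable policy service can never be mistaken for a grant. The class FailClosedGate, its Outcome enum, the package names of SSOToken, SSOException and PolicyException, and the substitution of an empty map for a null envParameters are assumptions.

```java
import java.util.Collections;
import java.util.Map;

// Assumed packages: this page only names com.sun.identity.policy.client.
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.policy.PolicyException;
import com.sun.identity.policy.client.PolicyEvaluator;

/** Hypothetical wrapper (not part of the SDK): every failure maps to a non-ALLOW outcome. */
public final class FailClosedGate {

    /** Only ALLOW grants access; the other values tell the caller how to refuse. */
    public enum Outcome { ALLOW, DENY, REAUTHENTICATE, UNAVAILABLE }

    private final PolicyEvaluator evaluator;

    public FailClosedGate(String serviceName) throws PolicyException, SSOException {
        // Let construction failures propagate: without an evaluator the
        // application has no way to authorize requests and should not serve them.
        this.evaluator = new PolicyEvaluator(serviceName);
    }

    public Outcome check(SSOToken token, String resourceName, String actionName, Map envParameters) {
        // Missing inputs are refused locally instead of being sent for evaluation.
        if (token == null || resourceName == null || actionName == null) {
            return Outcome.DENY;
        }
        // Assumption: an empty map stands in for "no environment parameters".
        Map env = (envParameters != null) ? envParameters : Collections.EMPTY_MAP;
        try {
            return evaluator.isAllowed(token, resourceName, actionName, env)
                    ? Outcome.ALLOW
                    : Outcome.DENY;
        } catch (SSOException e) {
            // Token invalid or expired: send the user back through sign-on.
            return Outcome.REAUTHENTICATE;
        } catch (PolicyException e) {
            // Decision could not be computed: refuse and report a service error.
            return Outcome.UNAVAILABLE;
        } catch (RuntimeException e) {
            // Anything unexpected is also a refusal, never a grant.
            return Outcome.UNAVAILABLE;
        }
    }
}
```

A caller would typically map REAUTHENTICATE to a redirect to the login page and UNAVAILABLE to a server error response, logging both so that repeated evaluation failures are visible to operations.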