java.lang.Object
  com.sun.identity.policy.Policy

The class Policy represents a policy definition. A policy contains a set of rules associated with a collection of users and conditions. The policy object is saved in the data store only when the store method of the policy is called, or when the addPolicy or replacePolicy method of a PolicyManager instance is invoked with this policy. The policy object is accessible to policy evaluation and enforcement points only after it is saved in the data store.

Constructor Summary

Policy(java.lang.String policyName)
    Constructs a policy given the policy name.

Policy(java.lang.String policyName, java.lang.String description)
    Constructs a policy given the policy name and description.

Policy(java.lang.String policyName, java.lang.String description, boolean referralPolicy)
    Constructs a policy given the policy name, description and referral flag.

Policy(java.lang.String policyName, java.lang.String description, boolean referralPolicy, boolean active)
    Constructs a policy given the policy name, description, referral flag and active flag.

Method Summary

void addCondition(java.lang.String name, Condition condition)
    Adds a new policy condition.

void addRealmSubject(SSOToken token, java.lang.String subjectName, java.lang.String realmName, boolean exclusive)
    Adds a reference in the policy to a Subject defined at the realm.

void addRealmSubject(java.lang.String subjectName, SubjectTypeManager stm, boolean exclusive)
    Adds a reference in the policy to a Subject defined at the realm.

void addReferral(java.lang.String name, Referral referral)
    Adds a new policy referral.

void addRule(Rule rule)
    Adds a new policy rule.

void addSubject(java.lang.String name, Subject subject)
    Adds a new policy subject.

void addSubject(java.lang.String name, Subject subject, boolean exclusive)
    Adds a new policy subject.

Condition getCondition(java.lang.String condition)
    Gets the condition object identified by name.

java.util.Set getConditionNames()
    Gets the set of condition names associated with the policy.

java.lang.String getDescription()
    Gets the description for the policy.

java.lang.String getOrganizationName()
    Gets the organization name under which the policy is created. This would be set only for policies that have been read from data store.

Referral getReferral(java.lang.String referralName)
    Gets the Referral object identified by name.

java.util.Set getReferralNames()
    Gets the set of referral names associated with the policy.

Rule getRule(java.lang.String ruleName)
    Gets the rule object identified by name.

java.util.Set getRuleNames()
    Gets the set of rule names associated with the policy.

Subject getSubject(java.lang.String subjectName)
    Gets the Subject object identified by name.

java.util.Set getSubjectNames()
    Gets the set of subject names associated with the policy.

boolean isActive()
    Checks whether the policy is active or inactive. An inactive policy is not used to make policy evaluations.

boolean isRealmSubject(java.lang.String subjectName)
    Checks if the subjectName is a reference to a Subject defined at the realm.

boolean isReferralPolicy()
    Checks whether the policy is a referral policy.

boolean isSubjectExclusive(java.lang.String subjectName)
    Checks if the subject is exclusive.

void removeCondition(Condition condition)
    Removes the Condition object identified by the object's equals method.

Condition removeCondition(java.lang.String condition)
    Removes the condition with the given name.

void removeReferral(Referral referral)
    Removes the Referral object identified by the object's equals method.

Referral removeReferral(java.lang.String referralName)
    Removes the referral with the given name.

Rule removeRule(java.lang.String ruleName)
    Removes the rule with the given name.

Subject removeSubject(java.lang.String subjectName)
    Removes the subject with the given name.

void removeSubject(Subject subject)
    Removes the Subject object identified by the object's equals method.

void replaceCondition(java.lang.String name, Condition condition)
    Replaces an existing condition with the same name by the current one.

void replaceReferral(java.lang.String name, Referral referral)
    Replaces an existing referral with the same name by the current one.

void replaceRule(Rule rule)
    Replaces an existing rule with the same name by the current one.

void replaceSubject(java.lang.String name, Subject subject)
    Replaces an existing subject with the same name by the current one.

void replaceSubject(java.lang.String name, Subject subject, boolean exclusive)
    Replaces an existing subject with the same name by the current one.

void setActive(boolean active)
    Sets the active flag for the policy.

void setDescription(java.lang.String description)
    Sets the description for the policy.

void setName(java.lang.String policyName)
    Sets the name of the policy.

void store(SSOToken token, java.lang.String name)
    Stores the policy object in a persistent data store under the organization, sub-organization or a container object, specified as a parameter.

java.lang.String toString()
    Gets string representation of the policy object.

java.lang.String toXML()
    Gets the serialized policy in XML.

Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

public Policy(java.lang.String policyName) throws InvalidNameException
Parameters:
policyName - name of the policy
Throws:
InvalidNameException - if policy name is not valid

public Policy(java.lang.String policyName, java.lang.String description) throws InvalidNameException
Parameters:
policyName - name of the policy
description - description for the policy
Throws:
InvalidNameException - if policy name is not valid

public Policy(java.lang.String policyName, java.lang.String description, boolean referralPolicy) throws InvalidNameException
Parameters:
policyName - name of the policy
description - description for the policy
referralPolicy - indicates whether the policy is a referral policy or a standard policy. A referral policy is used only to delegate policy definitions to sub/peer organizations. A referral policy does not make use of any action values
Throws:
InvalidNameException - if policy name is not valid

public Policy(java.lang.String policyName, java.lang.String description, boolean referralPolicy, boolean active) throws InvalidNameException
Parameters:
policyName - name of the policy
description - description for the policy
referralPolicy - indicates whether the policy is a referral policy or a standard policy.
active - indicates if the policy is active or not. A referral policy is used only to delegate policy definitions to sub/peer organizations. A referral policy does not make use of any action values
Throws:
InvalidNameException - if policy name is not valid

Method Detail

public void setName(java.lang.String policyName) throws InvalidNameException
Parameters:
policyName - name of the policy.
Throws:
InvalidNameException - if policyName is an invalid name.

public java.lang.String getOrganizationName()
null

public java.lang.String getDescription()
null.

public void setDescription(java.lang.String description) throws InvalidNameException
Parameters:
description - description for the policy
Throws:
InvalidNameException - if the description is invalid

public boolean isReferralPolicy()
Returns:
true if this is a referral policy. Otherwise returns false

public boolean isActive()
Returns:
true if this is an active policy. Otherwise returns false

public void setActive(boolean active)

public java.util.Set getRuleNames()

public Rule getRule(java.lang.String ruleName) throws NameNotFoundException
Parameters:
ruleName - name of rule.
Throws:
NameNotFoundException - if a rule with the given name does not exist

public void addRule(Rule rule) throws NameAlreadyExistsException, InvalidNameException
Parameters:
rule - rule object to be added to the policy
Throws:
NameAlreadyExistsException - a rule with the given name already exists
InvalidNameException - if the rule name is invalid
same service name as the policy

public void replaceRule(Rule rule) throws InvalidNameException
Parameters:
rule - rule that will replace an existing rule with the same name
Throws:
InvalidNameException - if rule name is invalid

public Rule removeRule(java.lang.String ruleName)
Parameters:
ruleName - name of the rule
null

public java.util.Set getSubjectNames()

public Subject getSubject(java.lang.String subjectName) throws NameNotFoundException
Parameters:
subjectName - name of subject.
Throws:
NameNotFoundException - if a Subject with the given name does not exist

public void addSubject(java.lang.String name, Subject subject) throws NameAlreadyExistsException, InvalidNameException
Parameters:
name - name of the Subject instance
subject - Subject object to be added to the policy
Throws:
NameAlreadyExistsException - if a Subject with the given name already exists
InvalidNameException - if the subject name is invalid

public void addRealmSubject(SSOToken token, java.lang.String subjectName, java.lang.String realmName, boolean exclusive) throws NameAlreadyExistsException, InvalidNameException, PolicyException, SSOException
Parameters:
token - SSOToken of the user adding the subject
subjectName - name of the Subject as defined at the realm
realmName - name of the realm in which the subject is defined
Throws:
NameAlreadyExistsException - if a Subject with the given name already exists in the policy
InvalidNameException - if the subject name is invalid or the subject is not found at the realm
SSOException - if the SSO token is invalid
PolicyException - if the subject could not be added for any other reason

public void addRealmSubject(java.lang.String subjectName, SubjectTypeManager stm, boolean exclusive) throws NameAlreadyExistsException, InvalidNameException, PolicyException, SSOException
Parameters:
subjectName - name of the Subject as defined at the realm
stm - SubjectTypeManager of the realm. You have to pass the SubjectTypeManager of realm in which you would save the policy. Trying to save the policy at a different realm would throw PolicyException.
Throws:
NameAlreadyExistsException - if a Subject with the given name already exists in the policy
InvalidNameException - if the subject name is invalid or the subject is not found at the realm
SSOException - if the SSO token is invalid
PolicyException - if the subject could not be added for any other reason

public void addSubject(java.lang.String name, Subject subject, boolean exclusive) throws NameAlreadyExistsException, InvalidNameException
Parameters:
name - name of the Subject instance
subject - Subject object to be added to the policy
exclusive - boolean flag indicating whether the subject is to be exclusive subject. If subject is exclusive, policy applies to users who are not members of the subject. Otherwise, policy applies to members of the subject.
Throws:
NameAlreadyExistsException - if a Subject with the given name already exists
InvalidNameException - if the subject name is invalid

public void replaceSubject(java.lang.String name, Subject subject) throws NameNotFoundException
Parameters:
name - name of the Subject instance
subject - Subject that will replace an existing Subject with the same name
Throws:
NameNotFoundException - if a Subject instance with the given name is not present

public void replaceSubject(java.lang.String name, Subject subject, boolean exclusive) throws NameNotFoundException
Parameters:
name - name of the Subject instance
subject - Subject that will replace an existing Subject with the same name
exclusive - boolean flag indicating whether the subject is to be exclusive subject. If subject is exclusive, policy applies to users who are not members of the subject. Otherwise, policy applies to members of the subject.
Throws:
NameNotFoundException - if a Subject instance with the given name is not present

public Subject removeSubject(java.lang.String subjectName)
Parameters:
subjectName - name of the Subject
null

public void removeSubject(Subject subject)
Removes the Subject object identified by the object's equals method. If a Subject instance does not exist, the method will return silently.
Parameters:
subject - Subject object that will be removed from the user collection

public boolean isSubjectExclusive(java.lang.String subjectName) throws NameNotFoundException
Parameters:
subjectName - name of the subject
Returns:
true if the subject is exclusive, false otherwise.
Throws:
NameNotFoundException - if the subject with the given subjectName does not exist in the policy.

public boolean isRealmSubject(java.lang.String subjectName) throws NameNotFoundException
Parameters:
subjectName - name of the subject
Returns:
true if the subject is a reference to a Subject defined at the realm, false otherwise.
Throws:
NameNotFoundException - if the subject with the given subjectName does not exist in the policy.

public java.util.Set getReferralNames()

public Referral getReferral(java.lang.String referralName) throws NameNotFoundException
Parameters:
referralName - name of referral.
Throws:
NameNotFoundException - if a Referral with the given name does not exist

public void addReferral(java.lang.String name, Referral referral) throws NameAlreadyExistsException, InvalidNameException
Parameters:
name - name of the Referral instance
referral - Referral object to be added to the policy
Throws:
NameAlreadyExistsException - if a Referral with the given name already exists
InvalidNameException - if the referral name is invalid

public void replaceReferral(java.lang.String name, Referral referral) throws NameNotFoundException
Parameters:
name - name of the Referral instance
referral - Referral that will replace an existing Referral with the same name
Throws:
NameNotFoundException - if a Referral instance with the given name is not present

public Referral removeReferral(java.lang.String referralName)
Parameters:
referralName - name of the Referral
null

public void removeReferral(Referral referral)
Removes the Referral object identified by the object's equals method. If a Referral instance does not exist, the method will return silently.
Parameters:
referral - Referral object that will be removed

public java.util.Set getConditionNames()

public Condition getCondition(java.lang.String condition) throws NameNotFoundException
Parameters:
condition - name of condition.
Throws:
NameNotFoundException - if a Condition with the given name does not exist.

public void addCondition(java.lang.String name, Condition condition) throws NameAlreadyExistsException, InvalidNameException
Parameters:
name - name of the Condition instance
condition - Condition object to be added to the policy
Throws:
NameAlreadyExistsException - if a Condition with the given name already exists
InvalidNameException - if the condition name is invalid

public void replaceCondition(java.lang.String name, Condition condition) throws NameNotFoundException
Parameters:
name - name of the Condition instance
condition - Condition that will replace an existing Condition with the same name
Throws:
NameNotFoundException - if a Condition instance with the given name is not present

public Condition removeCondition(java.lang.String condition)
Parameters:
condition - name of the Condition
null

public void removeCondition(Condition condition)
Removes the Condition object identified by the object's equals method. If a condition instance does not exist, the method will return silently.
Parameters:
condition - Condition object that will be removed

public void store(SSOToken token, java.lang.String name) throws SSOException, NoPermissionException, NameAlreadyExistsException, NameNotFoundException, PolicyException
dn) or slash "/" separated as per SMS. This method uses the SSOToken provided to perform the store operation, and hence if the single sign-on token has expired, SSOException will be thrown, and if the user does not have the required privileges, NoPermissionException will be thrown. If a policy with the same name exists for the organization, the method will throw NameAlreadyExistsException. And if the organization name does not exist, the method will throw NameNotFoundException.
Parameters:
token - SSO token of the user managing policy
name - name of the organization, sub-organization or a container in which the policy will be stored.
Throws:
SSOException - invalid or expired single-sign-on token
NoPermissionException - user does not have sufficient privileges to add policy
NameAlreadyExistsException - a policy with the same name already exists
NameNotFoundException - the given organization name does not exist
PolicyException - for any other abnormal condition

public java.lang.String toXML()

public java.lang.String toString()
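
A pre-store audit built on the exclusive-subject semantics and the store exceptions documented above, as an added example that is not part of the original API documentation. The class CheckedPolicyStore, its Outcome values and the allowExclusive parameter are hypothetical; the com.iplanet.sso package for SSOToken and SSOException comes from the SDK rather than this page, and rejecting a standard policy with no rules is this example's own rule, not SDK behaviour.

```java
import java.util.Set;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.policy.NameAlreadyExistsException;
import com.sun.identity.policy.NameNotFoundException;
import com.sun.identity.policy.NoPermissionException;
import com.sun.identity.policy.Policy;
import com.sun.identity.policy.PolicyException;

/** Hypothetical helper (not part of the SDK): audit a Policy, then persist it. */
public final class CheckedPolicyStore {

    public enum Outcome {
        STORED, REJECTED_NO_RULES, REJECTED_EXCLUSIVE,
        DUPLICATE_NAME, NO_PERMISSION, ORG_NOT_FOUND
    }

    public static Outcome storeChecked(Policy policy, SSOToken token,
            String orgName, boolean allowExclusive)
            throws SSOException, NameNotFoundException, PolicyException {
        // Example's own rule: a standard (non-referral) policy without rules
        // is treated as an authoring mistake and is never written.
        if (!policy.isReferralPolicy() && policy.getRuleNames().isEmpty()) {
            return Outcome.REJECTED_NO_RULES;
        }
        // An exclusive subject inverts the audience: the policy then applies
        // to users who are NOT members. Require an explicit opt-in for that.
        Set<?> subjectNames = policy.getSubjectNames();
        for (Object name : subjectNames) {
            if (policy.isSubjectExclusive((String) name) && !allowExclusive) {
                return Outcome.REJECTED_EXCLUSIVE;
            }
        }
        // Nothing above touched the data store; the policy only becomes
        // visible to evaluation and enforcement points once store() succeeds.
        try {
            policy.store(token, orgName);
            return Outcome.STORED;
        } catch (NameAlreadyExistsException e) {
            return Outcome.DUPLICATE_NAME;   // same policy name in this organization
        } catch (NoPermissionException e) {
            return Outcome.NO_PERMISSION;    // token's user lacks privileges
        } catch (NameNotFoundException e) {
            return Outcome.ORG_NOT_FOUND;    // organization name does not exist
        }
        // SSOException (invalid or expired token) and any other
        // PolicyException propagate to the caller.
    }
}
```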