|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
The class ResponseProvider
defines an interface to allow
pluggable response providers into the Access manager framework. These
are used to provide policy response attributes. Policy response attributes
are different from ActionDecisions
. Policy response attributes
typically provide attribute values of user profile. User profile could
exist in any data store managed by Identity repository. However, response
attributes are not restricted to attributes from user profile. Source of
the attribute values is completely at the discretion of the specific
implementation of the ResponseProvider
.
The response provider is initialized by calling its initialize()
method.
Its also configured by setting its properites by a call to
setProperties()
method.
Response attribute names are not checked against schema of the service registered with Access Manager. (ActionDecision attributes are checked against the schema of the service registered with Access Manager).
A ResponseProvider computes a Map
of response attributes
and their values based on the SSOToken
, resource name and
env map passed in the method call getResponseDecision()
.
Policy framework would make a call to getResponseDecision
from
the ResponseProvider
(s) associated with a policy only if the
policy is applicable to a request as determined by SSOToken
,
resource name, Subjects and Conditions.
The only out-of-the-box ResponseProvider implementation provided with the
Policy framework would be IDRepoResponseProvider
.
All ResponseProvider implementations should have a public no argument
constructor.
Field Summary | |
static java.lang.String |
DYNAMIC_ATTRIBUTE
This key is used to define the dynamic user attributes in the IDRepoResponseProvider response provider
which are returned as part of a policy decision. |
static java.lang.String |
STATIC_ATTRIBUTE
This key is used to define the static user attributes in the IDRepoResponseProvider response provider
which are returned as part of a policy decision. |
Method Summary | |
java.lang.Object |
clone()
Returns a copy of this object. |
java.lang.String |
getDisplayName(java.lang.String property,
java.util.Locale locale)
Gets the display name for the property name. |
java.util.Map |
getProperties()
Gets the properties of the ResponseProvider |
java.util.List |
getPropertyNames()
Returns a list of property names for the Response provider. |
Syntax |
getPropertySyntax(java.lang.String property)
Returns the syntax for a property name |
java.util.Map |
getResponseDecision(SSOToken token,
java.util.Map env)
Gets the response attributes computed by this ResponseProvider object, based on the SSOToken and Map of environment
parameters. |
java.util.Set |
getValidValues(java.lang.String property)
Returns a set of valid values given the property name. |
void |
initialize(java.util.Map configParams)
Initialize the ResponseProvider |
void |
setProperties(java.util.Map properties)
Sets the properties of the responseProvider plugin. |
Field Detail |
public static final java.lang.String STATIC_ATTRIBUTE
IDRepoResponseProvider
response provider
which are returned as part of a policy decision. They are specified
in attribute=value format.
public static final java.lang.String DYNAMIC_ATTRIBUTE
IDRepoResponseProvider
response provider
which are returned as part of a policy decision. These attributes
are a subset of those defined in the Policy Configuation service
of the realm where the policy containing
IDRepoResponseProvider
is defined. These user attributes
are fetched using the Identity Repository service of the realm.
Method Detail |
public void initialize(java.util.Map configParams) throws PolicyException
ResponseProvider
configParams
- the configurational information
PolicyException
- if an error occured during
initialization of the instancepublic java.util.List getPropertyNames()
public Syntax getPropertySyntax(java.lang.String property)
property
- property name
Syntax for the property name- See Also:
Syntax
public java.lang.String getDisplayName(java.lang.String property, java.util.Locale locale) throws PolicyException
locale
variable could be used by the plugin to
customize the display name for the given locale.
The locale
variable could be null
, in which
case the plugin must use the default locale.
property
- property namelocale
- locale for which the property name must be customized
PolicyException
public java.util.Set getValidValues(java.lang.String property) throws PolicyException
property
- property name
PolicyException
- if unable to get the Syntax.public void setProperties(java.util.Map properties) throws PolicyException
getResponseDecision(Map)
These attribute-value pairs are encapsulated in
ResponseAttribute
element tag which is a child of the
PolicyDecision
element in the PolicyResponse xml
if the policy is applicable to the user for the resource, subject and
conditions defined.
properties
- the properties of the responseProvider
Keys of the properties have to be String.
Value corresponding to each key have to be a Set
of
String elements. Each implementation of ResponseProvider could
add further restrictions on the keys and values of this map.
PolicyException
- for any abnormal error situation.public java.util.Map getProperties()
setProperties(java.util.Map)
public java.util.Map getResponseDecision(SSOToken token, java.util.Map env) throws PolicyException, SSOException
SSOToken
and Map
of environment
parameters.
token
- single-sign-on token of the userenv
- request specific environment Map
of key/value
pairs
Map
of response attributes.
Keys of the Map are String representing attribute names.
Value is a Set
of response attribute
values (String).
PolicyException
- if the decision could not be computed
SSOException
- if SSO token is not validpublic java.lang.Object clone()
Object
which is a copy of this object
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |