Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.sun.identity.policy.interfaces
Interface ResponseProvider

All Superinterfaces:
java.lang.Cloneable
public interface ResponseProvider
extends java.lang.Cloneable

The class ResponseProvider defines an interface to allow pluggable response providers into the Access manager framework. These are used to provide policy response attributes. Policy response attributes are different from ActionDecisions. Policy response attributes typically provide attribute values of user profile. User profile could exist in any data store managed by Identity repository. However, response attributes are not restricted to attributes from user profile. Source of the attribute values is completely at the discretion of the specific implementation of the ResponseProvider.

The response provider is initialized by calling its initialize() method. Its also configured by setting its properites by a call to setProperties() method.

Response attribute names are not checked against schema of the service registered with Access Manager. (ActionDecision attributes are checked against the schema of the service registered with Access Manager).

A ResponseProvider computes a Map of response attributes and their values based on the SSOToken, resource name and env map passed in the method call getResponseDecision().

Policy framework would make a call to getResponseDecision from the ResponseProvider(s) associated with a policy only if the policy is applicable to a request as determined by SSOToken, resource name, Subjects and Conditions.

The only out-of-the-box ResponseProvider implementation provided with the Policy framework would be IDRepoResponseProvider. All ResponseProvider implementations should have a public no argument constructor.

Field Summary
static java.lang.String DYNAMIC_ATTRIBUTE
          This key is used to define the dynamic user attributes in the IDRepoResponseProvider response provider which are returned as part of a policy decision.
static java.lang.String STATIC_ATTRIBUTE
          This key is used to define the static user attributes in the IDRepoResponseProvider response provider which are returned as part of a policy decision.
 
Method Summary
 java.lang.Object clone()
          Returns a copy of this object.
 java.lang.String getDisplayName(java.lang.String property, java.util.Locale locale)
          Gets the display name for the property name.
 java.util.Map getProperties()
          Gets the properties of the ResponseProvider
 java.util.List getPropertyNames()
          Returns a list of property names for the Response provider.
 Syntax getPropertySyntax(java.lang.String property)
          Returns the syntax for a property name
 java.util.Map getResponseDecision(SSOToken token, java.util.Map env)
          Gets the response attributes computed by this ResponseProvider object, based on the SSOToken and Map of environment parameters.
 java.util.Set getValidValues(java.lang.String property)
          Returns a set of valid values given the property name.
 void initialize(java.util.Map configParams)
          Initialize the ResponseProvider
 void setProperties(java.util.Map properties)
          Sets the properties of the responseProvider plugin.
 

Field Detail

STATIC_ATTRIBUTE

public static final java.lang.String STATIC_ATTRIBUTE
This key is used to define the static user attributes in the IDRepoResponseProvider response provider which are returned as part of a policy decision. They are specified in attribute=value format.

See Also:
Constant Field Values

DYNAMIC_ATTRIBUTE

public static final java.lang.String DYNAMIC_ATTRIBUTE
This key is used to define the dynamic user attributes in the IDRepoResponseProvider response provider which are returned as part of a policy decision. These attributes are a subset of those defined in the Policy Configuation service of the realm where the policy containing IDRepoResponseProvider is defined. These user attributes are fetched using the Identity Repository service of the realm.

See Also:
Constant Field Values
Method Detail

initialize

public void initialize(java.util.Map configParams)
                throws PolicyException
Initialize the ResponseProvider

Parameters:
configParams - the configurational information
Throws:
PolicyException - if an error occured during initialization of the instance

getPropertyNames

public java.util.List getPropertyNames()
Returns a list of property names for the Response provider.

Returns:
list of property names

getPropertySyntax

public Syntax getPropertySyntax(java.lang.String property)
Returns the syntax for a property name

Parameters:
property - property name
Returns:
Syntax for the property name
See Also:
Syntax

getDisplayName

public java.lang.String getDisplayName(java.lang.String property,
                                       java.util.Locale locale)
                                throws PolicyException
Gets the display name for the property name. The locale variable could be used by the plugin to customize the display name for the given locale. The locale variable could be null, in which case the plugin must use the default locale.

Parameters:
property - property name
locale - locale for which the property name must be customized
Returns:
display name for the property name.
Throws:
PolicyException

getValidValues

public java.util.Set getValidValues(java.lang.String property)
                             throws PolicyException
Returns a set of valid values given the property name. This method is called if the property Syntax is either the SINGLE_CHOICE or MULTIPLE_CHOICE.

Parameters:
property - property name
Returns:
Set of valid values for the property.
Throws:
PolicyException - if unable to get the Syntax.

setProperties

public void setProperties(java.util.Map properties)
                   throws PolicyException
Sets the properties of the responseProvider plugin. This influences the response attribute-value Map that would be computed by a call to method getResponseDecision(Map) These attribute-value pairs are encapsulated in ResponseAttribute element tag which is a child of the PolicyDecision element in the PolicyResponse xml if the policy is applicable to the user for the resource, subject and conditions defined.

Parameters:
properties - the properties of the responseProvider Keys of the properties have to be String. Value corresponding to each key have to be a Set of String elements. Each implementation of ResponseProvider could add further restrictions on the keys and values of this map.
Throws:
PolicyException - for any abnormal error situation.

getProperties

public java.util.Map getProperties()
Gets the properties of the ResponseProvider

Returns:
properties of the ResponseProvider
See Also:
setProperties(java.util.Map)

getResponseDecision

public java.util.Map getResponseDecision(SSOToken token,
                                         java.util.Map env)
                                  throws PolicyException,
                                         SSOException
Gets the response attributes computed by this ResponseProvider object, based on the SSOToken and Map of environment parameters.

Parameters:
token - single-sign-on token of the user
env - request specific environment Map of key/value pairs
Returns:
a Map of response attributes. Keys of the Map are String representing attribute names. Value is a Set of response attribute values (String).
Throws:
PolicyException - if the decision could not be computed
SSOException - if SSO token is not valid

clone

public java.lang.Object clone()
Returns a copy of this object.

Returns:
an Object which is a copy of this object
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright 2006 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms.