Evaluates a policy for a given request and returns a non-boolean result.
am_policy_evaluate_ignore_url_notenforced() will evaluate a policy for the specified URL only if the URL does not appear on the not-enforced list defined in the agent configuration properties.
See Sun OpenSSO Enterprise Policy Agent 3.0 User’s Guide for Web Agents, or Sun Java System Access Manager Policy Agent 2.2 User’s Guide for more information.
#include "am_policy.h"
AM_EXPORT am_status_t
am_policy_evaluate_ignore_url_notenforced(am_policy_t policy_handle,
                                          const char *sso_token,
                                          const char *resource_name,
                                          const char *action_name,
                                          const am_map_t env_parameter_map,
                                          am_map_t policy_response_map_ptr,
                                          am_policy_result_t *policy_result,
                                          am_bool_t ignorePolicyResult),
                                          char **am_revision_number;
This function takes the following parameters:
Integer specifying the object being evaluated.
Pointer to the session token (SSOTokenID) of the authenticated user.
The OpenSSO Enterprise Session Service creates a session data structure (also known as an SSOToken) that stores information such as login time, authentication scheme, and authentication level. It also generates a session token (also known as an SSOTokenID, a randomly-generated string that identifies an instance of an SSOToken.
Pointer to the name of the resource being requested.
Pointer to the action requested.
An action is the operation to be performed on the resource. Web server actions are POST and GET. An allowable action for a human resources service , for example, can change a home telephone number.
Map object which contains environment variables (IP address, host name, etc.) used for evaluation by the Policy Service.
See am_map_t for more information.
Pointer to a map object which contains all the profile, session and response attributes fetched.
This must be enabled in the agent configuration properties. See am_policy_result_t for information on how this is done. See am_map_t for more information on map objects.
Pointer to the am_policy_result_t type to store the result.
See am_policy_result_t for more information.
Based on the am_bool_t defined in the <am_types.h> header file, AM_TRUE indicates that policy evaluation will not be done for the URL.
This function returns one of the following values of the am_status_t enumeration (defined in the <am_types.h> header file):
If the call was successful.
If any error occurs, the type of error indicated by the status value.
After using the results the caller must call am_policy_result_destroy() on policy_result to cleanup the allocated memory. Also, am_map_destroy() must be called on policy_response_map_ptr and env_parameter_map after their respective usage.