Sun Java System Access Manager 7 2005Q4 Developer's Guide

ProcedureTo Implement a Log Authorization Plug-In

  1. Get the applicable role or DN of the user from the SSOToken and check it against a pre-configured (or hardcoded) list of roles or users that are allowed access.

    The administrator must configure a role and assign all policy agents and entities such as applications that can possibly log into Access Manager and into this role.

  2. Instantiate a PolicyEvaluator and call PolicyEvaluator.isAllowed(ssotoken, logname);.