com.sun.identity.policy.client
Class PolicyEvaluator
java.lang.Object
|
+--com.sun.identity.policy.client.PolicyEvaluator
- public class PolicyEvaluator
- extends java.lang.Object
Ths class evaluates policies and provides policy decisions.
This is a remote policy evaluator. It is usually used when
the caller does not have direct access to the directory server
of the Access Manager. This API uses XML/HTTP protocol to
communicate with the Policy Framework on the Access Manager.
The API has the capability of caching the policy decisions.
The cache is updated through policy change notifications and/or
polling.
Constructor Summary |
PolicyEvaluator(java.lang.String serviceName)
Creates an instance of remote policy evaluator object |
Method Summary |
PolicyDecision |
getPolicyDecision(SSOToken token,
java.lang.String resourceName,
java.util.Set actionNames,
java.util.Map envParameters)
Evaluates privileges of the user to perform the specified actions
the the specified resource. |
boolean |
isAllowed(SSOToken token,
java.lang.String resourceName,
java.lang.String actionName,
java.util.Map envParameters)
Evaluates simple privileges of boolean type. |
Methods inherited from class java.lang.Object |
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
PolicyEvaluator
public PolicyEvaluator(java.lang.String serviceName)
throws PolicyException,
SSOException
- Creates an instance of remote policy evaluator object
- Parameters:
serviceName
- name of the service for which to create
policy evaluator- Throws:
PolicyException
- if required properties cannot be retrieved.SSOException
- if application single sign on token is invalid.
isAllowed
public boolean isAllowed(SSOToken token,
java.lang.String resourceName,
java.lang.String actionName,
java.util.Map envParameters)
throws PolicyException,
SSOException
- Evaluates simple privileges of boolean type. The privilege indicates
if the user can perform specified action on the specified resource.
The evaluation depends on user's application environment parameters.
- Parameters:
token
- single sign on token of the user evaluating policies.resourceName
- name of the resource the user is trying to accessactionName
- name of the action the user is trying to perform on
the resourceenvParameters
- run time environment parameters- Returns:
- the result of the evaluation as a boolean value
- Throws:
PolicyException
- if result could not be computed for
reason other than single sign on token problem.SSOException
- if single sign on token is invalid or expired
getPolicyDecision
public PolicyDecision getPolicyDecision(SSOToken token,
java.lang.String resourceName,
java.util.Set actionNames,
java.util.Map envParameters)
throws PolicyException,
SSOException
- Evaluates privileges of the user to perform the specified actions
the the specified resource. The evaluation also depends on user's
run time environment parameters.
- Parameters:
token
- single sign on token of the user evaluating policies.resourceName
- name of the resource the user is trying to accessactionNames
- Set of action names the user is trying to perform on
the resource.envParameters
- run-time environment parameters- Returns:
- policy decision
- Throws:
PolicyException
- if result could not be computed for any
reason other than single sign on token problem.SSOException
- if single sign on token is invalid or expired.
Copyright 2005 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms.