Sun OpenSSO Enterprise 8.0 C API Reference for Application and Web Policy Agent Developers


Evaluates a policy for a given request and returns a non-boolean result.


am_policy_evaluate_ignore_url_notenforced() will evaluate a policy for the specified URL only if the URL does not appear on the not-enforced list defined in the agent configuration properties.

Note –

See Sun OpenSSO Enterprise Policy Agent 3.0 User’s Guide for Web Agents, or Sun Java System Access Manager Policy Agent 2.2 User’s Guide for more information.


#include "am_policy.h"
AM_EXPORT am_status_t
am_policy_evaluate_ignore_url_notenforced(am_policy_t policy_handle,
                                          const char *sso_token,
                                          const char *resource_name,
                                          const char *action_name,
                                          const am_map_t env_parameter_map,
                                          am_map_t policy_response_map_ptr,
                                          am_policy_result_t *policy_result,
                                          am_bool_t ignorePolicyResult),
                                          char **am_revision_number;


This function takes the following parameters:


Integer specifying the object being evaluated.


Pointer to the session token (SSOTokenID) of the authenticated user.

Note –

The OpenSSO Enterprise Session Service creates a session data structure (also known as an SSOToken) that stores information such as login time, authentication scheme, and authentication level. It also generates a session token (also known as an SSOTokenID, a randomly-generated string that identifies an instance of an SSOToken.


Pointer to the name of the resource being requested.


Pointer to the action requested.

Note –

An action is the operation to be performed on the resource. Web server actions are POST and GET. An allowable action for a human resources service , for example, can change a home telephone number.


Map object which contains environment variables (IP address, host name, etc.) used for evaluation by the Policy Service.

Note –

See am_map_t for more information.


Pointer to a map object which contains all the profile, session and response attributes fetched.

Note –

This must be enabled in the agent configuration properties. See am_policy_result_t for information on how this is done. See am_map_t for more information on map objects.


Pointer to the am_policy_result_t type to store the result.

Note –

See am_policy_result_t for more information.


Based on the am_bool_t defined in the <am_types.h> header file, AM_TRUE indicates that policy evaluation will not be done for the URL.


This function returns one of the following values of the am_status_t enumeration (defined in the <am_types.h> header file):


If the call was successful.


If any error occurs, the type of error indicated by the status value.

Memory Concerns

After using the results the caller must call am_policy_result_destroy() on policy_result to cleanup the allocated memory. Also, am_map_destroy() must be called on policy_response_map_ptr and env_parameter_map after their respective usage.