com.sun.identity.policy
Class PolicyEvaluator

java.lang.Object
  |
  +--com.sun.identity.policy.PolicyEvaluator

public class PolicyEvaluator
extends java.lang.Object

The class PolicyEvaluator evaluates policies and provides policy decisions.


Constructor Summary
PolicyEvaluator(java.lang.String serviceTypeName)
          Constructor to create a PolicyEvaluator given the service type name
 
Method Summary
 void addPolicyListener(PolicyListener policyListener)
          Adds a policy listener that would be notified whenever a policy is added, removed or changed
 PolicyDecision getPolicyDecision(SSOToken token, java.lang.String resourceName, java.util.Set actionNames, java.util.Map envParameters)
          Evaluates privileges of the user to perform the specified actions on the specified resource.
 ResourceResult getResourceResult(SSOToken token, java.lang.String resourceName, java.lang.String scope, java.util.Map envParameters)
          Gets resource result given a resource name.
 boolean isAllowed(SSOToken token, java.lang.String resourceName, java.lang.String actionName, java.util.Map envParameters)
          Evaluates simple privileges of boolean type.
 void removePolicyListener(PolicyListener policyListener)
          Removes a policy listener that was previously registered to receive notifications whenever a policy is added, removed or changed.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

PolicyEvaluator

public PolicyEvaluator(java.lang.String serviceTypeName)
                throws SSOException,
                       PolicyException,
                       NameNotFoundException
Constructor to create a PolicyEvaluator given the service type name
Parameters:
serviceTypeName - the name of the service type for which this evaluator can be used
Method Detail

isAllowed

public boolean isAllowed(SSOToken token,
                         java.lang.String resourceName,
                         java.lang.String actionName,
                         java.util.Map envParameters)
                  throws PolicyException,
                         SSOException
Evaluates simple privileges of boolean type. The privilege indicates whether the user can perform the specified action on the specified resource. The evaluation depends on the user's application environment parameters.
Parameters:
token - SSO token of the user evaluating policies
resourceName - name of the resource the user is trying to access
actionName - name of the action the user is trying to perform on the resource
envParameters - run-time environment parameters
Returns:
the result of the evaluation as a boolean value
Throws:
SSOException - single-sign-on token invalid or expired
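
Added example (not part of the original API documentation): a fail-closed wrapper around the constructor and isAllowed, so that an invalid or expired token (SSOException) or an evaluation failure (PolicyException) results in a denial rather than an accidental grant. The class name FailClosedAuthorizer and method allowedAll are hypothetical, and the com.iplanet.sso package for SSOToken and SSOException is an assumption, since this page does not state it.

```java
// Added example: deny-by-default use of PolicyEvaluator.isAllowed.
// Assumption: SSOToken and SSOException are in com.iplanet.sso (not stated on this page).
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.policy.NameNotFoundException;
import com.sun.identity.policy.PolicyEvaluator;
import com.sun.identity.policy.PolicyException;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;

public final class FailClosedAuthorizer {  // hypothetical helper class
    private static final Logger LOG = Logger.getLogger(FailClosedAuthorizer.class.getName());
    private final PolicyEvaluator evaluator;

    public FailClosedAuthorizer(String serviceTypeName)
            throws SSOException, PolicyException, NameNotFoundException {
        // Let construction errors propagate: without an evaluator the
        // application should refuse to start rather than skip checks.
        this.evaluator = new PolicyEvaluator(serviceTypeName);
    }

    /** Returns true only if every action is explicitly allowed; any error is a denial. */
    public boolean allowedAll(SSOToken token, String resourceName,
                              Set<String> actionNames, Map envParameters) {
        // Missing inputs never authorize anything.
        if (token == null || resourceName == null
                || actionNames == null || actionNames.isEmpty()) {
            return false;
        }
        try {
            for (String action : actionNames) {
                if (!evaluator.isAllowed(token, resourceName, action, envParameters)) {
                    LOG.log(Level.INFO, "deny action={0} resource={1}",
                            new Object[] {action, resourceName});
                    return false;
                }
            }
            return true;
        } catch (SSOException e) {
            LOG.log(Level.WARNING, "deny: SSO token invalid or expired", e);
            return false;
        } catch (PolicyException e) {
            LOG.log(Level.SEVERE, "deny: policy evaluation failed", e);
            return false;
        }
    }
}
```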

getPolicyDecision

public PolicyDecision getPolicyDecision(SSOToken token,
                                        java.lang.String resourceName,
                                        java.util.Set actionNames,
                                        java.util.Map envParameters)
                                 throws PolicyException,
                                        SSOException
Evaluates privileges of the user to perform the specified actions on the specified resource. The evaluation depends on the user's application environment parameters.
Parameters:
token - SSO token of the user evaluating policies
resourceName - name of the resource the user is trying to access
actionNames - names of the actions the user is trying to perform on the resource
envParameters - run-time environment parameters
Returns:
policy decision
Throws:
SSOException - single-sign-on token invalid or expired

getResourceResult

public ResourceResult getResourceResult(SSOToken token,
                                        java.lang.String resourceName,
                                        java.lang.String scope,
                                        java.util.Map envParameters)
                                 throws PolicyException,
                                        SSOException
Gets resource result given a resource name. ResourceResult is a tree representation of policy decisions for all resources rooted at the resource name that could be reached from this policy evaluator.
Parameters:
token - SSO token of the user evaluating policies
resourceName - name of the resource
scope - indicates whether to compute the resource result based on the policy decision for only the resourceName or all the resources rooted at the resource name
envParameters - run-time environment parameters
Returns:
ResourceResult
Throws:
PolicyException -  
SSOException -  

addPolicyListener

public void addPolicyListener(PolicyListener policyListener)
Adds a policy listener that would be notified whenever a policy is added, removed or changed
Parameters:
policyListener - the listener to be added

removePolicyListener

public void removePolicyListener(PolicyListener policyListener)
Removes a policy listener that was previously registered to receive notifications whenever a policy is added, removed or changed. It is not an error to attempt to remove a listener that was not registered; the method returns silently.
Parameters:
policyListener - the listener to be removed