Skip navigation links

oracle.security.jps.service.policystore
Interface PolicyStore

All Superinterfaces:

JavaPolicy, JpsPersistable, PolicyMgmt, ServiceInstance

All Known Subinterfaces:

BindingPolicyStore

public interface PolicyStore

extends ServiceInstance, JavaPolicy, PolicyMgmt

PolicyStore is the top-level scope concept. In a PolicyStore, users can create one or more Applications.

Nested Class Summary

Nested classes/interfaces inherited from interface oracle.security.jps.service.JpsPersistable

JpsPersistable.Mode

Method Summary

ApplicationPolicy	createApplicationPolicy(java.lang.String appId) Creates an application policy given the application name - appid.
ApplicationPolicy	createApplicationPolicy(java.lang.String appId, java.lang.String displayName, java.lang.String description) Creates an application policy given the application name - appid, display name displayName and description description
void	deleteApplicationPolicy(java.lang.String appId) Delete an application policy given the application name - appid.
AdminManager	getAdminManager() Gets an instance of Administrator Manager
java.util.List<ApplicationPolicy>	getApplicationPolicies(ApplicationPolicySearchQuery query) Get Application Policies by the given query
ApplicationPolicy	getApplicationPolicy(java.lang.String appId) Returns a application policy for the given application by this PolicyStore
java.util.List<AppRoleEntry>	getAppRoles(StoreAppRoleSearchQuery query) Search ApplicationRoles across one or more Applications based upon user specified criteria (query) Caller should have PolicyStoreAccessPermission("context=APPLICATION,name=Queried Applicaiton's stripe Id" , "getApplicationPolicy") permission to search for roles. If the caller does not supply an application name (or supplies a partial application name with some MATCHER other than EXACT) then they should have PolicyStoreAccessPermission("context=APPLICATION, name=*" , "getApplicationPolicy") to search for app roles.
ConfigurationBindingManager	getConfigurationBindingManager() Gets an instance of OES Configuration Binding Manager
ConfigurationManager	getConfigurationManager() Gets an instance of OES Configuration Manager
PolicyStoreType	getPolicyStoreType() Returns the underlying Policy Storage mechanism (XML, LDAP, etc).
void	modifyApplicationPolicy(ApplicationPolicy app) Modify an application policy in the persistence store.

Methods inherited from interface oracle.security.jps.service.ServiceInstance

accept, getName, getServiceProvider

Methods inherited from interface oracle.security.jps.service.JpsPersistable

persist, refresh

Methods inherited from interface oracle.security.jps.jaas.JavaPolicy

getPermissions, getPermissions, getPermissions, getPermissions, getPermissions, hasPermission, implies, refresh

Methods inherited from interface oracle.security.jps.service.policystore.PolicyMgmt

getGrantEntries, grant, grant, modifyGrant, revoke, revoke

Method Detail

getApplicationPolicies

java.util.List<ApplicationPolicy> getApplicationPolicies(ApplicationPolicySearchQuery query)
                                                         throws PolicyStoreException

Get Application Policies by the given query

Caller should have admin privileges to view the application policy.

Parameters:

query - the query criteria.

Returns:

List of applications matching the criteria.

Throws:

PolicyStoreException

getApplicationPolicy

ApplicationPolicy getApplicationPolicy(java.lang.String appId)
                                       throws InvalidArgumentException,
                                              PolicyObjectNotFoundException,
                                              PolicyStoreException

Returns a application policy for the given application by this PolicyStore

Caller should have view privileges to the application.

Parameters:

appId - name of the application

Returns:

ApplicationPolicy the app-specific policy managed by this PolicyStore

Throws:

PolicyStoreException - if there is an error during this policy operation

InvalidArgumentException - if application name is null or empty.

PolicyObjectNotFoundException - if application policy for the given application does not exist.

createApplicationPolicy

ApplicationPolicy createApplicationPolicy(java.lang.String appId)
                                          throws InvalidArgumentException,
                                                 PolicyObjectAlreadyExistsException,
                                                 PolicyStoreException

Creates an application policy given the application name - appid.

Parameters:

appId -

Returns:

ApplicationPolicy - the created policy

Throws:

PolicyObjectAlreadyExistsException - if this application policy already exists

PolicyStoreException - if there is an error during creation of the policy

InvalidArgumentException - if application name is null or empty.

java.security.AccessControlException - if the caller does not have the PolicyStoreAccessPermission("context=APPLICATION,name=Applicaiton's stripe Id" , "createApplicationPolicy").

createApplicationPolicy

ApplicationPolicy createApplicationPolicy(java.lang.String appId,
                                          java.lang.String displayName,
                                          java.lang.String description)
                                          throws InvalidArgumentException,
                                                 PolicyObjectAlreadyExistsException,
                                                 PolicyStoreException

Creates an application policy given the application name - appid, display name displayName and description description

Parameters:

appId -

Returns:

ApplicationPolicy - the created policy

Throws:

PolicyObjectAlreadyExistsException - if this application policy already exists

PolicyStoreException - if there is an error during creation of the policy

InvalidArgumentException - if application name is null or empty.

java.security.AccessControlException - if the caller does not have the PolicyStoreAccessPermission("context=APPLICATION,name=Applicaiton's stripe Id" , "createApplicationPolicy").

deleteApplicationPolicy

void deleteApplicationPolicy(java.lang.String appId)
                             throws InvalidArgumentException,
                                    PolicyObjectNotFoundException,
                                    PolicyStoreException

Delete an application policy given the application name - appid.

Parameters:

appId -

Throws:

PolicyObjectNotFoundException - if this application policy does not exist

PolicyStoreException - if there is an error during deletion of the policy

InvalidArgumentException - if application name is null or empty.

java.security.AccessControlException - if the caller does not have the PolicyStoreAccessPermission("context=APPLICATION,name=Applicaiton's stripe Id" , "deleteApplicationPolicy").

getPolicyStoreType

PolicyStoreType getPolicyStoreType()

Returns the underlying Policy Storage mechanism (XML, LDAP, etc).

Returns:

PolicyStoreType - underlying policy storage mechanism.

getAdminManager

AdminManager getAdminManager()
                             throws PolicyStoreException

Gets an instance of Administrator Manager

Returns:

AdminManager

Throws:

PolicyStoreException

getAppRoles

java.util.List<AppRoleEntry> getAppRoles(StoreAppRoleSearchQuery query)
                                         throws PolicyStoreException

Search ApplicationRoles across one or more Applications based upon user specified criteria (query)
Caller should have PolicyStoreAccessPermission("context=APPLICATION,name=Queried Applicaiton's stripe Id" , "getApplicationPolicy") permission to search for roles.
If the caller does not supply an application name (or supplies a partial application name with some MATCHER other than EXACT) then they should have PolicyStoreAccessPermission("context=APPLICATION, name=*" , "getApplicationPolicy") to search for app roles. Otherwise the method will throw a SecurityException or AccessControlException.
The returned app role entries have their name, display name, description and other operational attributes instantiated.
Approle members or inherited approle members are not instantiated, and must be searched for separately.
Note: when building complex query, if more than one subquery has search property as APPLICATION_NAME,
then the queries SHOULD NOT be AND'ed in the complex query If more than one app role is found, the returned
list is sorted according to the ascending order of display name attribute of app roles.

Parameters:

query - Cross application AppRole search criteria.

Returns:

list of AppRoleEntry objects (possibly empty).

Throws:

PolicyStoreException - if an error occurs while querying.

java.security.AccessControlException - if the caller does not have sufficient privileges for querying applications.

modifyApplicationPolicy

void modifyApplicationPolicy(ApplicationPolicy app)
                             throws InvalidArgumentException,
                                    PolicyObjectNotFoundException,
                                    PolicyStoreException

Modify an application policy in the persistence store.

Parameters:

app - ApplicationPolicy object.

Throws:

InvalidArgumentException - an invalid parameter was supplied

PolicyObjectNotFoundException - application policy not found in the peristence store.

PolicyStoreException - if an error occurs while persisting the changes.

java.security.AccessControlException - if the caller does not have the PolicyStoreAccessPermission("context=APPLICATION,name=Applicaiton's stripe Id" , "createApplicationPolicy").

getConfigurationManager

ConfigurationManager getConfigurationManager()

Gets an instance of OES Configuration Manager

Returns:

getConfigurationBindingManager

ConfigurationBindingManager getConfigurationBindingManager()

Gets an instance of OES Configuration Binding Manager

Returns:

Skip navigation links