1/15
Contents
List of Examples
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
1
Using the Policy Model
1.1
Examining Policy Elements
1.2
Composing A Simple Policy
1.3
Adding Fine Grained Objects to a Simple Policy
1.3.1
Creating an Application Role
1.3.2
Defining A Role Mapping Policy
1.3.3
Adding a Condition
1.3.4
Populating a Permission Set
1.3.5
Building an Obligation
1.4
Using Roles to Implement Policy
2
Constructing A Policy Programmatically
2.1
Using the Java API
2.1.1
Creating a Policy Object
2.1.2
Modifying a Policy Object
2.1.3
Deleting a Policy Object
2.1.4
Searching for Policy Objects
2.2
Using the Data Types
2.3
Executing A Simple Policy
2.3.1
Accessing the Policy Store
2.3.2
Creating an Application Policy
2.3.3
Defining Resource Types
2.3.4
Instantiating a Resource
2.3.5
Associating Actions with the Resource
2.3.5.1
Using a ResourceEntry
2.3.5.2
Using a ResourceNameExpression
2.3.6
Specifying a Policy Rule
2.3.7
Specifying the Principal
2.3.8
Defining the Policy
2.4
Creating Fine Grained Elements for a Simple Policy
2.4.1
Creating Application Roles
2.4.2
Creating Role Mapping Policies
2.4.3
Creating Attribute and Function Definitions
2.4.3.1
Creating Attribute Definitions
2.4.3.2
Creating Custom Function Definitions
2.4.4
Defining Permission Sets
2.4.5
Defining a Condition
2.4.5.1
Constructing a Boolean Expression
2.4.5.2
Constructing a Custom Function Expression
2.4.6
Adding Obligations
2.5
Accessing Code Examples
3
Managing Policy Objects Programmatically
3.1
Managing Policies Using Oracle Entitlements Server
3.2
Using Scope Levels to Manage Policy Objects
3.2.1
Managing Objects Created at the PolicyStore Scope
3.2.2
Managing Objects Within the ApplicationPolicy Scope
3.2.2.1
Managing PolicyDomainEntry Objects
3.2.2.2
Managing ResourceTypeEntry Objects
3.2.2.3
Managing and Granting AppRoleEntry Objects
3.2.2.4
Managing Role Mapping Policy (RolePolicyEntry) Objects
3.2.2.5
Managing AttributeEntry and FunctionEntry Objects
3.2.2.6
Managing ResourceEntry Objects
3.2.2.7
Managing Permission Sets
3.2.2.8
Managing the Policy
3.2.3
Managing Objects within the PolicyDomainEntry Scope
4
Distributing Policies
4.1
Understanding Policy Distribution
4.1.1
Using a Centralized Policy Distribution Component
4.1.2
Using a Local Policy Distribution Component
4.2
Defining Distribution Modes
4.2.1
Controlled Distribution
4.2.2
Non-Controlled Distribution
4.3
Creating Security Module Configurations and Bindings
4.3.1
Managing Security Module Configurations
4.3.2
Managing Security Module Bindings
4.4
Initiating Policy Distribution
5
Delegating Policy Administration
5.1
Delegating Administration
5.2
Managing Scope and Delegating Granularity
5.3
Assigning Permissions
5.4
Using the Default Administration Roles
5.5
Creating Administration Roles
5.5.1
Creating An Administration Role
5.5.2
Assigning Actions and Resources (Permissions) to an Administration Role
5.5.3
Assigning Principals to an Administration Role
5.5.4
Retrieving a Principal's Administration Resources
5.6
Managing Administration Roles
5.7
Delegating with a Policy Domain
6
Handling Authorization Calls and Decisions
6.1
Using the PEP API
6.1.1
Understanding the PEP API
6.1.1.1
Working with the PEP API
6.1.1.2
Using the Different PEP API Requests
6.1.1.3
Specifying the PEP API Subject
6.1.1.4
Formatting Authorization Request Strings
6.1.1.5
Retrieving Authentication Information Using a Query
6.1.2
Using the PEP API for Java
6.1.2.1
Getting a Java PEP API Subject
6.1.2.2
Making Simple Java PEP API Authorization Requests
6.1.2.3
Processing Java PEP API Obligations
6.1.2.4
Making Java PEP API Bulk Authorization Requests
6.1.2.5
Making Java PEP API Query Requests
6.1.2.6
Configuring the Java PEP API
6.1.3
Using the PEP API for .NET
6.1.3.1
Getting a .NET PEP API Subject
6.1.3.2
Making Simple .NET PEP API Authorization Requests
6.1.3.3
Processing .NET PEP API Obligations
6.1.3.4
Making .NET PEP API Bulk Authorization Requests
6.1.3.5
Making .NET PEP API Query Requests
6.1.3.6
Configuring the .NET PEP API
6.2
Making checkPermission() Calls
6.3
Using the XACML Gateway
7
Extending Functionality
7.1
Working With Attribute Retrievers
7.1.1
Understanding Attribute Retrievers
7.1.2
Creating Custom Attribute Retrievers
7.1.3
Implementing Custom Attribute Retrievers
7.1.3.1
Getting Attribute Values Directly
7.1.3.2
Getting Attribute Values Using a Handle
7.1.4
Configuring Oracle Entitlements Server for Custom Attribute Retrievers
7.2
Developing Custom Functions
7.2.1
Implementing a Custom Function
7.2.2
Using InspectableFunction For Metadata Information
8
Using the JSP Standard Tag Library
8.1
Using the Tag Library
8.2
Defining the Functional Tags
8.2.1
isAccessAllowed Tag
8.2.2
isAccessNotAllowed Tag
8.2.3
getUserRoles Tag
8.2.4
isUserInRole Tag
8.3
Defining the Assistant Tags
8.3.1
setSecurityContext Tag
8.3.2
attribute Tag
8.3.3
then/else Tags
Index
Scripting on this page enhances content navigation, but does not change the content in any way.