|
JBoss port of sunxacml 2.0.5-redhat-1 | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.jboss.security.xacml.sunxacml.AbstractPolicy
org.jboss.security.xacml.sunxacml.PolicyReference
public class PolicyReference
This class is used as a placeholder for the PolicyIdReference and PolicySetIdReference fields in a PolicySetType. When a reference is used in a policy set, it is telling the PDP to use an external policy in the current policy. Each time the PDP needs to evaluate that policy reference, it asks the policy finder for the policy. Typically the policy finder will have cached the referenced policy, so this isn't too slow.
NOTE: all of the accessor methods, the match method, and the evaluate method
require this class to ask its PolicyFinder
for the referenced
policy, which can be a slow operation. Care should be taken, therefore in
calling these methods too often. Also note that it's not safe to cache the
results of these calls, since the referenced policy may change.
Field Summary | |
---|---|
static int |
POLICY_REFERENCE
Identifies this as a reference to a Policy |
static int |
POLICYSET_REFERENCE
Identifies this as a reference to a PolicySet |
Constructor Summary | |
---|---|
PolicyReference(URI reference,
int policyType,
PolicyFinder finder,
PolicyMetaData parentMetaData)
Creates a new PolicyReference instance. |
|
PolicyReference(URI reference,
int policyType,
VersionConstraints constraints,
PolicyFinder finder,
PolicyMetaData parentMetaData)
Creates a new PolicyReference instance with version
constraints. |
Method Summary | |
---|---|
void |
encode(OutputStream output)
Encodes this PolicyReference into its XML representation
and writes this encoding to the given OutputStream with
no indentation. |
void |
encode(OutputStream output,
Indenter indenter)
Encodes this PolicyReference into its XML representation
and writes this encoding to the given OutputStream with
indentation. |
Result |
evaluate(EvaluationCtx context)
Tries to evaluate the policy by calling the combining algorithm on the given policies or rules. |
List |
getChildElements()
Returns the child policy nodes and their associated parameters. |
List |
getChildren()
Returns the child policy nodes under this node in the policy tree. |
CombiningAlgorithm |
getCombiningAlg()
Returns the combining algorithm used by this policy. |
VersionConstraints |
getConstraints()
Returns the version constraints associated with this reference. |
String |
getDefaultVersion()
Returns the default version for this policy. |
String |
getDescription()
Returns the given description of this policy or null if there is no description. |
URI |
getId()
Returns the id of this policy. |
static PolicyReference |
getInstance(Node root,
PolicyFinder finder)
Deprecated. As of 2.0 you should avoid using this method and should instead use the version that takes a PolicyMetaData instance. This method will
only work for XACML 1.x policies. |
static PolicyReference |
getInstance(Node root,
PolicyFinder finder,
PolicyMetaData metaData)
Creates an instance of a PolicyReference object based on
a DOM node. |
PolicyMetaData |
getMetaData()
Returns the meta-data associated with this policy. |
Set |
getObligations()
Returns the Set of obligations for this policy, which may be empty if there are no obligations. |
URI |
getReference()
Returns the refernce identitfier used to resolve the policy. |
int |
getReferenceType()
Returns whether this is a reference to a policy or to a policy set. |
Target |
getTarget()
Returns the target for this policy. |
String |
getVersion()
Returns the version of this policy. |
MatchResult |
match(EvaluationCtx context)
Given the input context sees whether or not the request matches this policy. |
Methods inherited from class org.jboss.security.xacml.sunxacml.AbstractPolicy |
---|
encodeCommonElements, getCombiningParameters, setChildren |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final int POLICY_REFERENCE
Policy
public static final int POLICYSET_REFERENCE
PolicySet
Constructor Detail |
---|
public PolicyReference(URI reference, int policyType, PolicyFinder finder, PolicyMetaData parentMetaData) throws IllegalArgumentException
PolicyReference
instance. This has no
constraints on version matching. Note that an XACML 1.x reference may
not have any constraints.
reference
- the reference to the policypolicyType
- one of the two fields in this classfinder
- the PolicyFinder
used to handle the referenceparentMetaData
- the meta-data associated with the containing
(parent) policy
IllegalArgumentException
- if the input policyType isn't validpublic PolicyReference(URI reference, int policyType, VersionConstraints constraints, PolicyFinder finder, PolicyMetaData parentMetaData) throws IllegalArgumentException
PolicyReference
instance with version
constraints. Note that an XACML 1.x reference may not have any
constraints.
reference
- the reference to the policypolicyType
- one of the two fields in this classconstraints
- any optional constraints on the version of the
referenced policy (this is never null, but
it may impose no constraints, and in fact will
never impose constraints when used from a pre-2.0
XACML policy)finder
- the PolicyFinder
used to handle the referenceparentMetaData
- the meta-data associated with the containing
(parent) policy
IllegalArgumentException
- if the input policyType isn't validMethod Detail |
---|
public static PolicyReference getInstance(Node root, PolicyFinder finder) throws ParsingException
PolicyMetaData
instance. This method will
only work for XACML 1.x policies.
PolicyReference
object based on
a DOM node.
root
- the DOM root of a PolicyIdReference or a
PolicySetIdReference XML typefinder
- the PolicyFinder
used to handle the reference
ParsingException
- if the node is invalidpublic static PolicyReference getInstance(Node root, PolicyFinder finder, PolicyMetaData metaData) throws ParsingException
PolicyReference
object based on
a DOM node.
root
- the DOM root of a PolicyIdReference or a
PolicySetIdReference XML typefinder
- the PolicyFinder
used to handle the referencemetaData
- the meta-data associated with the containing policy
ParsingException
- if the node is invalidpublic URI getReference()
URI
public VersionConstraints getConstraints()
public int getReferenceType()
POLICY_REFERENCE
or POLICYSET_REFERENCE
public URI getId()
getId
in interface PolicyTreeElement
getId
in class AbstractPolicy
ProcessingException
- if the referenced policy can't be retrievedpublic String getVersion()
getVersion
in class AbstractPolicy
ProcessingException
- if the referenced policy can't be retrievedpublic CombiningAlgorithm getCombiningAlg()
getCombiningAlg
in class AbstractPolicy
ProcessingException
- if the referenced policy can't be retrievedpublic String getDescription()
getDescription
in interface PolicyTreeElement
getDescription
in class AbstractPolicy
ProcessingException
- if the referenced policy can't be retrievedpublic Target getTarget()
getTarget
in interface PolicyTreeElement
getTarget
in class AbstractPolicy
ProcessingException
- if the referenced policy can't be retrievedpublic String getDefaultVersion()
getDefaultVersion
in class AbstractPolicy
ProcessingException
- if the referenced policy can't be retrievedpublic List getChildren()
getChildren
in interface PolicyTreeElement
getChildren
in class AbstractPolicy
List
of child policy nodes
ProcessingException
- if the referenced policy can't be retrievedpublic List getChildElements()
getChildElements
in class AbstractPolicy
List
of CombinerElement
s
ProcessingException
- if the referenced policy can't be retrievedpublic Set getObligations()
getObligations
in class AbstractPolicy
ProcessingException
- if the referenced policy can't be retrievedpublic PolicyMetaData getMetaData()
getMetaData
in class AbstractPolicy
ProcessingException
- if the referenced policy can't be retrievedpublic MatchResult match(EvaluationCtx context)
match
in interface PolicyTreeElement
match
in class AbstractPolicy
context
- the representation of the request
public Result evaluate(EvaluationCtx context)
match
method must always
be called first, and must always return MATCH, before this method
is called.
evaluate
in interface PolicyTreeElement
evaluate
in class AbstractPolicy
context
- the representation of the request
public void encode(OutputStream output)
PolicyReference
into its XML representation
and writes this encoding to the given OutputStream
with
no indentation.
output
- a stream into which the XML-encoded data is writtenpublic void encode(OutputStream output, Indenter indenter)
PolicyReference
into its XML representation
and writes this encoding to the given OutputStream
with
indentation.
output
- a stream into which the XML-encoded data is writtenindenter
- an object that creates indentation strings
|
JBoss port of sunxacml 2.0.5-redhat-1 | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |