com.sun.identity.delegation

Class DelegationEvaluatorImpl

java.lang.Object

com.sun.identity.delegation.DelegationEvaluatorImpl

All Implemented Interfaces:

DelegationEvaluator

public class DelegationEvaluatorImpl
extends Object
implements DelegationEvaluator

The DelegationEvaluator class provides interfaces to evaluate access permissions for an administrator.

Constructor Summary

Constructors

Constructor and Description
DelegationEvaluatorImpl() Constructor of DelegationEvaluator to get access control permissions for users.

Method Summary

Modifier and Type	Method and Description
Set	getPermissions(SSOToken token, String orgName) Returns a set of permissions that a user has.
boolean	isAllowed(SSOToken token, DelegationPermission permission, Map envParameters) Returns a boolean value indicating if a user has the specified permission.
boolean	isAllowed(SSOToken token, DelegationPermission permission, Map envParameters, boolean subTreeMode) Returns a boolean value indicating if a user has the specified permission.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

DelegationEvaluatorImpl

public DelegationEvaluatorImpl()

Constructor of DelegationEvaluator to get access control permissions for users.

Method Detail

isAllowed

public boolean isAllowed(SSOToken token,
                         DelegationPermission permission,
                         Map envParameters,
                         boolean subTreeMode)
                  throws SSOException,
                         DelegationException

Description copied from interface: DelegationEvaluator

Returns a boolean value indicating if a user has the specified permission.

Specified by:

isAllowed in interface DelegationEvaluator

Parameters:

token - SSO token of the user evaluating permission

permission - delegation permission to be evaluated

envParameters - run-time environment parameters

subTreeMode - whether to run in subtree mode or not

Returns:

the result of the evaluation as a boolean value

Throws:

SSOException - if single-sign-on token invalid or expired

DelegationException - for any other abnormal condition

isAllowed

public boolean isAllowed(SSOToken token,
                         DelegationPermission permission,
                         Map envParameters)
                  throws SSOException,
                         DelegationException

Returns a boolean value indicating if a user has the specified permission.

Specified by:

isAllowed in interface DelegationEvaluator

Parameters:

token - sso token of the user evaluating permission

permission - delegation permission to be evaluated

envParameters - run-time environment parameters

Returns:

the result of the evaluation as a boolean value

Throws:

SSOException - if single-sign-on token invalid or expired

DelegationException - for any other abnormal condition

getPermissions

public Set getPermissions(SSOToken token,
                          String orgName)
                   throws SSOException,
                          DelegationException

Returns a set of permissions that a user has.

Parameters:

token - SSOToken of the user requesting permissions

orgName - The name of the realm in which a user's delegation permissions are evaluated.

Returns:

a Set of permissions that a user has

Throws:

SSOException - if single-sign-on token invalid or expired

DelegationException - for any other abnormal condition