| Package | Description |
|---|---|
| com.sun.identity.delegation |
Provides classes for delegation service.
|
| com.sun.identity.delegation.interfaces |
This package provides interface for delegation plugins that would register
with delegation framework to manage and evaluate delegation access control
privileges and permissions.
|
| com.sun.identity.delegation.plugins | |
| org.forgerock.openam.rest.router |
This package contains classes for the routing of REST requests for OpenAM.
|
| org.forgerock.openam.session |
| Modifier and Type | Method and Description |
|---|---|
void |
DelegationManager.addPrivilege(DelegationPrivilege privilege)
Adds a delegation privilege to a specific realm.
|
static void |
DelegationUtils.copyRealmPrivilegesFromParent(SSOToken token,
OrganizationConfigManager parent,
OrganizationConfigManager child)
Creates default privileges for a newly created realm This method should
be called in realm mode only.
|
static void |
DelegationUtils.createRealmPrivileges(SSOToken token,
String realmName)
Creates default privileges for a newly created realm This method should
be called in legacy mode only.
|
static void |
DelegationUtils.deleteRealmPrivileges(SSOToken token,
String realmName)
Deletes all the delegation privileges of a specific realm
|
Set |
DelegationManager.getConfiguredPrivilegeNames()
Returns all the names of the delegation privileges that are configured
with the realm.
|
Set |
DelegationManager.getManageableOrganizationNames(Set organizationNames)
Returns a set of realm names, based on the input parameter
organizationNames, in which the "user" has some
delegation permissions. |
Set |
DelegationEvaluatorImpl.getPermissions(SSOToken token,
String orgName)
Returns a set of permissions that a user has.
|
Set |
DelegationManager.getPrivileges()
Returns all the delegation privileges associated with the realm.
|
Set |
DelegationManager.getPrivileges(String universalId)
Returns all the delegation privileges associated with the realm and
applicable to a subject.
|
Set |
DelegationManager.getSubjects(String pattern)
Returns a set of selected subjects matching the pattern in the given
realm.
|
boolean |
DelegationEvaluatorImpl.isAllowed(SSOToken token,
DelegationPermission permission,
Map envParameters)
Returns a boolean value indicating if a user has the specified
permission.
|
boolean |
DelegationEvaluator.isAllowed(SSOToken token,
DelegationPermission permission,
Map<String,Set<String>> envParameters)
Returns a boolean value indicating if a user has the specified permission.
|
boolean |
DelegationEvaluator.isAllowed(SSOToken token,
DelegationPermission permission,
Map<String,Set<String>> envParameters,
boolean subTreeMode)
Returns a boolean value indicating if a user has the specified permission.
|
boolean |
DelegationEvaluatorImpl.isAllowed(SSOToken token,
DelegationPermission permission,
Map envParameters,
boolean subTreeMode) |
DelegationPermission |
DelegationPermissionFactory.newInstance(String orgName,
String serviceName,
String version,
String configType,
String subConfigName,
Set<String> actions,
Map<String,String> extensions)
Creates a new
DelegationPermission instance. |
void |
DelegationManager.removePrivilege(String privilegeName)
Removes a delegation privilege to the realm.
|
void |
DelegationPermission.setActions(Set actions)
Sets the action names in the permission
|
void |
DelegationPermission.setConfigType(String configType)
Sets the config type in the permission
|
void |
DelegationPermission.setExtensions(Map extensions)
Sets the extensions in the permission
|
void |
DelegationPrivilege.setName(String name)
Sets the privilege name in the privilege
|
void |
DelegationPermission.setOrganizationName(String name)
Sets the realm name in the permission
|
void |
DelegationPrivilege.setPermissions(Set permissions)
Sets the
DelegationPermissions in the privilege |
void |
DelegationPermission.setServiceName(String name)
Sets the service name in the permission
|
void |
DelegationPermission.setSubConfigName(String name)
Sets the subconfig name in the permission
|
void |
DelegationPrivilege.setSubjects(Set names)
Sets the subject names in the privilege
|
void |
DelegationPermission.setVersion(String version)
Sets the service version in the permission
|
| Constructor and Description |
|---|
DelegationManager(SSOToken token,
String orgName)
Constructor of
DelegationManager for the specified realm. |
DelegationPermission(String orgName,
String serviceName,
String version,
String configType,
String subConfigName,
Set actions,
Map extensions)
Constructor for
DelegationPermission. |
DelegationPermission(String orgName,
String serviceName,
String version,
String configType,
String subConfigName,
Set actions,
Map extensions,
org.forgerock.util.Function<String,String,org.forgerock.util.promise.NeverThrowsException> orgNameToDNFunc)
Constructor for
DelegationPermission. |
DelegationPrivilege(String name,
Set permissions,
Set subjects)
Constructor for
DelegationPrivilege. |
DelegationPrivilege(String name,
Set subjects,
String orgName)
Constructor for
DelegationPrivilege. |
| Modifier and Type | Method and Description |
|---|---|
void |
DelegationInterface.addPrivilege(SSOToken token,
String orgName,
DelegationPrivilege privilege)
Adds a delegation privilege to a specific realm.
|
Set |
DelegationInterface.getManageableOrganizationNames(SSOToken token,
Set organizationNames)
Returns a set of realm names, based on the input parameter
organizationNames, in which the "user" has some
delegation permissions. |
Set |
DelegationInterface.getPermissions(SSOToken token,
String orgName)
Returns a set of permissions that a user has.
|
Set |
DelegationInterface.getPrivileges(SSOToken token,
String orgName)
Returns all the delegation privileges associated with a realm.
|
Set |
DelegationInterface.getSubjects(SSOToken token,
String orgName,
Set types,
String pattern)
Returns a set of selected subjects of specified types matching the
pattern in the given realm.
|
void |
DelegationInterface.initialize(SSOToken appToken,
Map configParams)
Initialize (or configure) the
DelegationInterface object. |
boolean |
DelegationInterface.isAllowed(SSOToken token,
DelegationPermission permission,
Map envParams)
Returns a boolean value indicating if a user has the the specified
permission.
|
void |
DelegationInterface.removePrivilege(SSOToken token,
String orgName,
String privilegeName)
Removes a delegation privilege from a specific realm.
|
| Modifier and Type | Method and Description |
|---|---|
void |
DelegationPolicyImpl.addPrivilege(SSOToken token,
String orgName,
DelegationPrivilege privilege)
Adds a delegation privilege to a specific realm.
|
Set |
DelegationPolicyImpl.getManageableOrganizationNames(SSOToken token,
Set organizationNames)
Returns a set of realm names, based on the input parameter
organizationNames, in which the "user" has some
delegation permissions. |
Set |
DelegationPolicyImpl.getPermissions(SSOToken token,
String orgName)
Returns a set of permissions that a user has.
|
Set |
DelegationPolicyImpl.getPrivileges(SSOToken token,
String orgName)
Returns all the delegation privileges associated with a realm.
|
Set |
DelegationPolicyImpl.getSubjects(SSOToken token,
String orgName,
Set types,
String pattern)
Returns a set of selected subjects of specified types matching the
pattern in the given realm.
|
void |
DelegationPolicyImpl.initialize(SSOToken token,
Map configParams)
Initialize (or configure) the
DelegationInterface
object. |
boolean |
DelegationPolicyImpl.isAllowed(SSOToken token,
DelegationPermission permission,
Map envParams)
Returns a boolean value; if a user has the specified
permission returns true, false otherwise.
|
void |
DelegationPolicyImpl.removePrivilege(SSOToken token,
String orgName,
String privilegeName)
Removes a delegation privilege from a specific realm.
|
| Modifier and Type | Method and Description |
|---|---|
boolean |
DelegationEvaluatorProxy.isAllowed(SSOToken token,
DelegationPermission permission,
Map<String,Set<String>> envParameters) |
boolean |
DelegationEvaluatorProxy.isAllowed(SSOToken token,
DelegationPermission permission,
Map<String,Set<String>> envParameters,
boolean subTreeMode) |
| Modifier and Type | Method and Description |
|---|---|
boolean |
SessionPropertyWhitelist.isPropertyListed(SSOToken caller,
String realm,
Collection<String> propertyNames)
Whether or not the property is listed in the whitelist.
|
boolean |
SessionPropertyWhitelist.userHasReadAdminPrivs(SSOToken token,
String realm)
Returns true if the user is an administrator, or if it has delegated permissions to perform this
request.
|
Copyright © 2010–2025 Open Identity Platform Community. All rights reserved.