| Modifier and Type | Method and Description |
|---|---|
protected Map<String,Set<String>> |
ApplicationPrivilegeBase.getApplicationResourcesMap(RequestContext rc,
String realm) |
| Modifier and Type | Method and Description |
|---|---|
protected EntitlementException |
URLResourceName.constructResourceInvalidException(Object[] args) |
protected EntitlementException |
PrefixResourceName.constructResourceInvalidException(Object[] args) |
| Modifier and Type | Method and Description |
|---|---|
void |
PrivilegeManager.add(Privilege privilege)
Add a privilege.
|
abstract void |
PrivilegeIndexStore.add(Set<IPrivilege> privileges)
Adds a set of privileges to the data store.
|
void |
IPrivilegeManager.add(T privilege)
Add a privilege.
|
void |
ListenerManager.addListener(Subject adminSubject,
EntitlementListener listener)
Adds entitlement listener.
|
abstract void |
PolicyDataStore.addPolicy(Subject subject,
String realm,
Privilege privilege)
Adds policy.
|
abstract void |
ApplicationPrivilegeManager.addPrivilege(ApplicationPrivilege appPrivilege)
Adds a delegation privilege.
|
abstract void |
PolicyDataStore.addReferral(Subject subject,
String realm,
ReferralPrivilege referral)
Adds a referral privilege.
|
void |
EntitlementConfiguration.addSubjectAttributeNames(String application,
Set<String> names)
Adds subject attribute names.
|
boolean |
IPrivilegeManager.canFindByName(String name)
Checks if a privilege with the specified name can be found.
|
boolean |
PrivilegeManager.canFindByName(String name)
Checks if a privilege with the specified name can be found.
|
String |
RegExResourceName.canonicalize(String res) |
String |
ExactMatchResourceName.canonicalize(String str)
Canonicalizes a string.
|
void |
Entitlement.canonicalizeResources(Subject adminSubject,
String realm)
Canonicalizes resource name before persistence.
|
void |
ReferralPrivilege.canonicalizeResources(Subject adminSubject,
String realm)
Deprecated.
Canonicalizes resource name before persistence.
|
void |
Privilege.canonicalizeResources(Subject adminSubject,
String realm)
Canonicalizes resource name before persistence.
|
abstract void |
PrivilegeIndexStore.delete(Set<IPrivilege> privilege)
Deletes a set of privileges from data store.
|
abstract void |
PrivilegeIndexStore.delete(String privilegeName)
Deletes a privilege from data store.
|
abstract String |
PrivilegeIndexStore.delete(String privilegeName,
boolean notify)
Deletes a privilege from data store.
|
abstract void |
PrivilegeIndexStore.deleteReferral(String privilegeName)
Deletes a referralprivilege from data store.
|
abstract String |
PrivilegeIndexStore.deleteReferral(String privilegeName,
boolean notify)
Deletes a referralprivilege from data store.
|
protected ConditionDecision |
Privilege.doesConditionMatch(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> environment) |
protected SubjectDecision |
Privilege.doesSubjectMatch(Subject adminSubject,
String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> environment) |
SubjectDecision |
NotSubject.evaluate(String realm,
SubjectAttributesManager mgr,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Returns
SubjectDecision of
EntitlementSubject evaluation. |
SubjectDecision |
OrSubject.evaluate(String realm,
SubjectAttributesManager mgr,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Returns
SubjectDecision of
EntitlementSubject evaluation |
SubjectDecision |
EntitlementSubject.evaluate(String realm,
SubjectAttributesManager mgr,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Returns
SubjectDecision of EntitlementSubject evaluation. |
SubjectDecision |
NoSubject.evaluate(String realm,
SubjectAttributesManager mgr,
Subject subject,
String resourceName,
Map<String,Set<String>> environment) |
SubjectDecision |
AndSubject.evaluate(String realm,
SubjectAttributesManager mgr,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Returns
SubjectDecision of
EntitlementSubject evaluation |
SubjectDecision |
GroupSubject.evaluate(String realm,
SubjectAttributesManager mgr,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Deprecated.
Returns
SubjectDecision of
EntitlementSubject evaluation. |
SubjectDecision |
AnyUserSubject.evaluate(String realm,
SubjectAttributesManager mgr,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Deprecated.
|
SubjectDecision |
AttributeSubject.evaluate(String realm,
SubjectAttributesManager mgr,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Returns
SubjectDecision of
EntitlementSubject evaluation |
SubjectDecision |
JwtClaimSubject.evaluate(String realm,
SubjectAttributesManager mgr,
Subject subject,
String resourceName,
Map<String,Set<String>> environment) |
SubjectDecision |
UserSubject.evaluate(String realm,
SubjectAttributesManager mgr,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Deprecated.
Returns
SubjectDecision of
EntitlementSubject evaluation |
List<Entitlement> |
Evaluator.evaluate(String realm,
Subject subject,
Set<String> resourceNames,
Map<String,Set<String>> environment)
Returns a list of entitlements for a given subject, resource names and environment.
|
ConditionDecision |
OrCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Evaluates this
ConditionDecision's EntitlementConditions to determine the correct
decision to return - if any of the EntitlementConditions are true, the returned decision is
satisfied and has no advices. |
ConditionDecision |
AndCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Returns
ConditionDecision of
EntitlementCondition evaluation |
ConditionDecision |
EntitlementCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Returns condition decision.
|
ConditionDecision |
NotCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Returns
ConditionDecision of
EntitlementCondition evaluation |
abstract ConditionDecision |
LogicalCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Returns
ConditionDecision of
EntitlementCondition evaluation |
ConditionDecision |
AttributeLookupCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Returns
ConditionDecision of
EntitlementCondition evaluation. |
ConditionDecision |
StringAttributeCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> environment) |
ConditionDecision |
NumericAttributeCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> environment) |
List<Entitlement> |
Evaluator.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> environment,
boolean recursive)
Returns a list of entitlements for a given subject, resource name
and environment.
|
SubjectDecision |
AnonymousESubject.evaluate(Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Returns
SubjectDecision of
ESubject evaluation |
Map<String,Set<String>> |
UserAttributes.evaluate(Subject adminSubject,
String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Returns resoruce attributes aplicable to the request
|
Map<String,Set<String>> |
ResourceAttribute.evaluate(Subject adminSubject,
String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Returns resource attributes applicable to the request.
|
Map<String,Set<String>> |
StaticAttributes.evaluate(Subject adminSubject,
String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Returns resoruce attributes aplicable to the request
|
Set<String> |
Entitlement.evaluate(Subject adminSubject,
String realm,
Subject subject,
String applicationName,
String resourceName,
Set<String> actionNames,
Map<String,Set<String>> environment,
boolean recursive)
Returns a set of resource names that match the given resource.
|
List<Entitlement> |
ReferralPrivilege.evaluate(Subject adminSubject,
String realm,
Subject subject,
String applicationName,
String normalisedResourceName,
String requestedResourceName,
Set<String> actionNames,
Map<String,Set<String>> environment,
boolean recursive,
Object context)
Deprecated.
|
List<Entitlement> |
IPrivilege.evaluate(Subject adminSubject,
String realm,
Subject subject,
String applicationName,
String normalisedResourceName,
String requestedResourceName,
Set<String> actionNames,
Map<String,Set<String>> environment,
boolean recursive,
Object context)
Returns a list of entitlement for a given subject, resource name
and environment.
|
abstract List<Entitlement> |
Privilege.evaluate(Subject adminSubject,
String realm,
Subject subject,
String applicationName,
String normalisedResourceName,
String requestedResourceName,
Set<String> actionNames,
Map<String,Set<String>> environment,
boolean recursive,
Object context)
Returns a list of entitlement for a given subject, resource name
and environment.
|
abstract List<Privilege> |
PrivilegeIndexStore.findAllPolicies()
Finds all policies within the passed realm.
|
abstract List<Privilege> |
PrivilegeManager.findAllPolicies()
Finds all policies within the realm.
|
abstract List<Privilege> |
PrivilegeIndexStore.findAllPoliciesByApplication(String application)
Finds all policies within the passed realm and application.
|
abstract List<Privilege> |
PrivilegeManager.findAllPoliciesByApplication(String application)
Finds all policies within the realm and passed application.
|
abstract List<Privilege> |
PrivilegeIndexStore.findAllPoliciesByIdentityUid(String uid)
Finds all policies based on the identity uid, whether user or group uid.
|
abstract List<Privilege> |
PrivilegeManager.findAllPoliciesByIdentityUid(String uid)
Finds all policies based on the identity uid, whether user or group uid.
|
T |
IPrivilegeManager.findByName(String name)
Finds a privilege by its unique name.
|
abstract Privilege |
PrivilegeManager.findByName(String name,
Subject subject)
Returns a privilege.
|
Application |
Entitlement.getApplication(Subject adminSubject,
String realm)
Returns application for this entitlement.
|
Set<String> |
SubjectAttributesManager.getApplicationAttributeNames(String realm,
String applicationName)
Returns application attribute names.
|
Class |
ApplicationType.getApplicationClass()
Returns application class
|
Set<String> |
ReferralPrivilege.getApplicationTypeNames(Subject adminSubject,
String realm)
Deprecated.
|
Map<String,Set<String>> |
SubjectAttributesCollector.getAttributes(Subject subject,
Set<String> attrNames)
Returns the attribute values of the given user represented by
|
Map<String,Set<String>> |
SubjectAttributesManager.getAttributes(Subject subject,
Set<String> attrNames)
Returns the attribute values of the given user represented by
|
protected Map<String,Set<String>> |
Privilege.getAttributes(Subject adminSubject,
String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> environment) |
Set<String> |
SubjectAttributesCollector.getAvailableSubjectAttributeNames()
Returns available subject attribute names.
|
Set<String> |
SubjectAttributesManager.getAvailableSubjectAttributeNames()
Returns available subject attribute names.
|
static Privilege |
Privilege.getInstance(org.json.JSONObject jo) |
EntitlementListener |
ListenerManager.getListener(Subject adminSubject,
String url)
Returns registered listener of the notification URL.
|
Set<EntitlementListener> |
ListenerManager.getListeners(Subject adminSubject)
Returns a set of registered listeners.
|
protected Set<String> |
Entitlement.getMatchingResources(Subject adminSubject,
String realm,
Subject subject,
String applicationName,
String resourceName,
boolean recursive) |
static Privilege |
Privilege.getNewInstance()
Returns entitlement privilege.
|
static Privilege |
Privilege.getNewInstance(org.json.JSONObject jo) |
static Privilege |
Privilege.getNewInstance(String jo) |
abstract Object |
PolicyDataStore.getPolicy(Subject adminSubject,
String realm,
String name)
Returns policy object.
|
abstract ApplicationPrivilege |
ApplicationPrivilegeManager.getPrivilege(String name)
Returns the application privilege object.
|
abstract ReferralPrivilege |
PolicyDataStore.getReferral(Subject adminSubject,
String realm,
String name)
Returns referral privilege object.
|
abstract Set<String> |
PrivilegeIndexStore.getReferredResources(String applicationTypeName)
Returns a set of resources that are referred to this realm.
|
ResourceSaveIndexes |
Entitlement.getResourceSaveIndexes(Subject adminSubject,
String realm)
Returns resource save indexes.
|
ResourceSaveIndexes |
ReferralPrivilege.getResourceSaveIndexes(Subject adminSubject,
String realm)
Deprecated.
Returns resource save indexes.
|
ResourceSaveIndexes |
IPrivilege.getResourceSaveIndexes(Subject adminSubject,
String realm)
Returns resource save indexes.
|
ResourceSaveIndexes |
Privilege.getResourceSaveIndexes(Subject adminSubject,
String realm)
Returns resource save indexes.
|
ResourceSearchIndexes |
ApplicationType.getResourceSearchIndex(String resource,
String realm)
Returns search indexes for a give resource name.
|
ResourceSearchIndexes |
Application.getResourceSearchIndex(String resource,
String realm)
Returns search indexes for a given resource.
|
ResourceSearchIndexes |
Entitlement.getResourceSearchIndexes(Subject adminSubject,
String realm)
Returns resource search indexes.
|
Set<String> |
EntitlementConfiguration.getSubjectAttributeNames(String application)
Returns subject attribute names.
|
Map<String,Set<String>> |
EntitlementConfiguration.getSubjectAttributesCollectorConfiguration(String name)
Returns subject attributes collector configuration.
|
Set<String> |
SubjectAttributesManager.getSubjectSearchFilter(Subject subject,
String applicationName)
Returns the subject search filter for a given subject.
|
static Set<String> |
SubjectAttributesManager.getSubjectSearchIndexes(Privilege privilege)
Returns the subject search indexes for a given privilege.
|
Map<String,Set<String>> |
SubjectAttributesCollector.getUserAttributes(Subject subject,
Set<String> attrNames)
Returns the attribute values of the given user represented by
|
Map<String,Set<String>> |
SubjectAttributesManager.getUserAttributes(Subject subject,
Set<String> attrNames)
Returns the attribute values of the given user represented by
|
boolean |
Evaluator.hasEntitlement(String realm,
Subject subject,
Entitlement e,
Map<String,Set<String>> envParameters)
Returns
true if the subject is granted to an entitlement. |
abstract boolean |
ApplicationPrivilegeManager.hasPrivilege(Application app,
ApplicationPrivilege.Action action) |
abstract boolean |
ApplicationPrivilegeManager.hasPrivilege(Privilege p,
ApplicationPrivilege.Action action)
Returns
true if the subject has permission to a
privilege of a given action. |
abstract boolean |
ApplicationPrivilegeManager.hasPrivilege(ReferralPrivilege p,
ApplicationPrivilege.Action action)
Returns
true if the subject has permission to a
referral privilege of a given action. |
abstract boolean |
PrivilegeIndexStore.hasPrivilgesWithApplication(String realm,
String applName) |
void |
EntitlementCombiner.init(String normalisedResourceName,
String requestedResourceName,
Set<String> actions,
boolean isRecursive,
Application application)
Initializes the combiner.
|
void |
EntitlementCombiner.init(String realm,
String applicationName,
String normalisedResourceName,
String requestedResourceName,
Set<String> actions,
boolean isRecursive)
Initializes the combiner.
|
abstract void |
PrivilegeManager.modify(String existingName,
Privilege privilege)
Modifies the specified policy.
|
void |
IPrivilegeManager.modify(T privilege)
Modify a privilege.
|
protected abstract void |
PrivilegeManager.notifyPrivilegeChanged(String realm,
Privilege previous,
Privilege current,
PolicyEventType eventType) |
void |
WSDLParser.parse(File file) |
void |
WSDLParser.parse(InputStream is) |
void |
WSDLParser.parse(String uri) |
void |
IPrivilegeManager.remove(String name)
Remove a privilege.
|
void |
EntitlementConfiguration.removeApplication(String name)
Removes application.
|
void |
EntitlementConfiguration.removeApplicationType(String name)
Removes application type.
|
static void |
ApplicationTypeManager.removeApplicationType(Subject adminSubject,
String name)
Removes application type.
|
boolean |
ListenerManager.removeListener(Subject adminSubject,
String url)
Returns
true if listener(s) is/are successfully removed. |
abstract void |
ApplicationPrivilegeManager.removePrivilege(String name)
Removes a privilege.
|
abstract void |
PolicyDataStore.removePrivilege(Subject subject,
String realm,
Privilege privilege)
Removes policy.
|
abstract void |
PolicyDataStore.removeReferral(Subject subject,
String realm,
ReferralPrivilege referral) |
abstract void |
ApplicationPrivilegeManager.replacePrivilege(ApplicationPrivilege appPrivilege)
Replaces (or modifies) an existing privilege.
|
static void |
ApplicationTypeManager.saveApplicationType(Subject adminSubject,
ApplicationType appType)
Stores application type.
|
List<Privilege> |
PrivilegeManager.search(Set<SearchFilter> filter)
Returns a set of privileges that match the given search criteria with no size or time limits.
|
List<Privilege> |
PrivilegeManager.search(Set<SearchFilter> filter,
int searchSizeLimit,
int searchTimeLimit)
Returns a set of privileges that match the given search criteria.
|
abstract Iterator<IPrivilege> |
PrivilegeIndexStore.search(String realm,
ResourceSearchIndexes indexes,
Set<String> subjectIndexes,
boolean bSubTree)
Returns an iterator of matching privilege objects.
|
Set<Application> |
EntitlementConfiguration.searchApplications(Subject subject,
org.forgerock.util.query.QueryFilter<String> queryFilter)
Returns a set of applications for the given search criteria.
|
Set<String> |
IPrivilegeManager.searchNames(Set<SearchFilter> filter)
Returns a set of privilege names for a given search criteria.
|
Set<String> |
PrivilegeManager.searchNames(Set<SearchFilter> filter)
Returns a set of privilege names for a given search criteria.
|
Set<String> |
IPrivilegeManager.searchNames(Set<SearchFilter> filter,
int searchSizeLimit,
int searchTimeLimit)
Returns a set of privilege names for a given search criteria.
|
Set<String> |
PrivilegeManager.searchNames(Set<SearchFilter> filter,
int searchSizeLimit,
int searchTimeLimit)
Returns a set of privilege names for a given search criteria.
|
abstract Set<String> |
PrivilegeIndexStore.searchPrivilegeNames(Set<SearchFilter> filters,
boolean boolAnd,
int numOfEntries,
boolean sortResults,
boolean ascendingOrder)
Returns a set of privilege names that matched a set of search criteria.
|
abstract Set<String> |
PrivilegeIndexStore.searchReferralPrivilegeNames(Set<SearchFilter> filters,
boolean boolAnd,
int numOfEntries,
boolean sortResults,
boolean ascendingOrder)
Returns a set of referral privilege names that matched a set of search
criteria.
|
void |
Privilege.setEntitlement(Entitlement entitlement)
Sets entitlement.
|
void |
ReferralPrivilege.setMapApplNameToResources(Map<String,Set<String>> map)
Deprecated.
Sets the application name to resource name.
|
void |
Privilege.setName(String name)
Sets name.
|
void |
ReferralPrivilege.setRealms(Set<String> realms)
Deprecated.
Sets realms.
|
void |
Privilege.setSubject(EntitlementSubject eSubject)
Sets entitlement subject.
|
void |
ApplicationPrivilege.setSubject(Set<SubjectImplementation> entitlementSubjects)
Sets entitlement subject.
|
void |
EntitlementConfiguration.setSubjectAttributesCollectorConfiguration(String name,
Map<String,Set<String>> attrMap)
Sets subject attributes collector configuration.
|
void |
EntitlementConfiguration.storeApplication(Application application)
Stores the application to data store.
|
void |
EntitlementConfiguration.storeApplicationType(ApplicationType applicationType)
Stores the application type to data store.
|
void |
EntitlementCondition.validate()
Checks that this condition is configured correctly.
|
void |
NotCondition.validate() |
void |
LogicalCondition.validate() |
void |
AttributeLookupCondition.validate() |
void |
StringAttributeCondition.validate() |
void |
NumericAttributeCondition.validate() |
protected void |
PrivilegeManager.validate(Privilege privilege)
Validates the passed policy.
|
| Constructor and Description |
|---|
EntitlementListener(org.json.JSONObject jo) |
EntitlementListener(String url,
String application,
Collection<String> resourceNames)
Constructor.
|
EntitlementListener(URL url,
String application,
Collection<String> resourceNames)
Constructor.
|
Evaluator(Subject subject)
Constructor to create an evaluator the default service type.
|
Evaluator(Subject subject,
String applicationName)
Constructor to create an evaluator given the service type.
|
ReferralPrivilege(String name,
Map<String,Set<String>> map,
Set<String> realms)
Deprecated.
Constructor
|
| Modifier and Type | Method and Description |
|---|---|
void |
IEntitlementListenerRegistry.addListener(Subject adminSubject,
EntitlementListener l)
Adds entitlement listener.
|
ResourceSearchIndexes |
ISearchIndex.getIndexes(String resource,
String realm)
Returns search indexes for a given resource.
|
Set<EntitlementListener> |
IEntitlementListenerRegistry.getListeners(Subject adminSubject)
Returns a set of registered entitlement listener.
|
boolean |
IEntitlementListenerRegistry.removeListener(Subject adminSubject,
String url)
Returns
true if listener(s) is/are successfully removed. |
| Modifier and Type | Method and Description |
|---|---|
void |
PolicyPrivilegeManager.add(Privilege privilege)
Add a privilege.
|
void |
OpenSSOIndexStore.add(Set<IPrivilege> privileges)
Adds a set of privileges to the data store.
|
String |
DataStore.add(Subject adminSubject,
String realm,
Privilege p)
Adds a privilege.
|
void |
OpenSSOEntitlementListener.addListener(Subject adminSubject,
EntitlementListener l) |
void |
OpenSSOPolicyDataStore.addPolicy(Subject subject,
String realm,
Privilege privilege) |
void |
OpenSSOApplicationPrivilegeManager.addPrivilege(ApplicationPrivilege appPrivilege) |
String |
DataStore.addReferral(Subject adminSubject,
String realm,
ReferralPrivilege referral)
Adds a referral.
|
void |
OpenSSOPolicyDataStore.addReferral(Subject subject,
String realm,
ReferralPrivilege referral) |
void |
EntitlementService.addSubjectAttributeNames(String applicationName,
Set<String> names)
Returns subject attribute names.
|
void |
OpenSSOIndexStore.delete(Set<IPrivilege> privileges)
Deletes a privilege from data store.
|
void |
OpenSSOIndexStore.delete(String privilegeName)
Deletes a set of privileges from data store.
|
String |
OpenSSOIndexStore.delete(String privilegeName,
boolean notify) |
void |
OpenSSOIndexStore.deleteReferral(String privilegeName)
Deletes a referral privilege from data store.
|
String |
OpenSSOIndexStore.deleteReferral(String privilegeName,
boolean notify) |
SubjectDecision |
PolicySubject.evaluate(String realm,
SubjectAttributesManager mgr,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Returns subject decision.
|
SubjectDecision |
OpenSSOGroupSubject.evaluate(String realm,
SubjectAttributesManager mgr,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Deprecated.
Returns
SubjectDecision of
EntitlementSubject evaluation |
ConditionDecision |
PolicyCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Returns condition decision.
|
Map<String,Set<String>> |
PolicyResponseProvider.evaluate(Subject adminSubject,
String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Called by the entitlements framework to fetch its resource attributes;
cascades the call through to the configured response provider implementation
|
List<Entitlement> |
OpenSSOPrivilege.evaluate(Subject adminSubject,
String realm,
Subject subject,
String applicationName,
String normalisedResourceName,
String requestedResourceName,
Set<String> actionNames,
Map<String,Set<String>> environment,
boolean recursive,
Object context) |
List<Privilege> |
OpenSSOIndexStore.findAllPolicies() |
List<Privilege> |
PolicyPrivilegeManager.findAllPolicies() |
List<Privilege> |
OpenSSOIndexStore.findAllPoliciesByApplication(String application) |
List<Privilege> |
PolicyPrivilegeManager.findAllPoliciesByApplication(String application) |
List<Privilege> |
OpenSSOIndexStore.findAllPoliciesByIdentityUid(String uid) |
List<Privilege> |
PolicyPrivilegeManager.findAllPoliciesByIdentityUid(String uid) |
Privilege |
PolicyPrivilegeManager.findByName(String name)
Finds a privilege by its unique name.
|
Privilege |
PolicyPrivilegeManager.findByName(String privilegeName,
Subject adminSubject) |
Map<String,Set<String>> |
OpenSSOSubjectAttributesCollector.getAttributes(Subject subject,
Set<String> attributeNames) |
Set<String> |
OpenSSOSubjectAttributesCollector.getAvailableSubjectAttributeNames() |
Set<EntitlementListener> |
OpenSSOEntitlementListener.getListeners(Subject adminSubject) |
Object |
OpenSSOPolicyDataStore.getPolicy(Subject adminSubject,
String realm,
String name) |
Condition |
PolicyCondition.getPolicyCondition()
Constructs a legacy policy
Condition object based on the information contained in this adapter. |
static String |
PrivilegeUtils.getPolicyName(Object policy) |
Subject |
PolicySubject.getPolicySubject()
Constructs a legacy policy subject based on the information in this adapter.
|
ApplicationPrivilege |
OpenSSOApplicationPrivilegeManager.getPrivilege(String name) |
IPrivilege |
DataStore.getPrivilege(String realm,
String privilegeIdentifier)
Retrieves an individual privilege from the data store.
|
ReferralPrivilege |
OpenSSOPolicyDataStore.getReferral(Subject adminSubject,
String realm,
String name) |
Set<String> |
OpenSSOIndexStore.getReferredResources(String applicationTypeName)
Returns a set of resources that are referred to this realm.
|
ResponseProvider |
PolicyResponseProvider.getResponseProvider()
Constructs a legacy response provider based on the information in this adapter.
|
Map<String,Set<String>> |
EntitlementService.getSubjectAttributesCollectorConfiguration(String name)
Returns subject attributes collector configuration.
|
Map<String,Set<String>> |
OpenSSOSubjectAttributesCollector.getUserAttributes(Subject subject,
Set<String> attrNames)
Returns the attribute values of the given user represented by
|
boolean |
OpenSSOApplicationPrivilegeManager.hasPrivilege(Application app,
ApplicationPrivilege.Action action) |
boolean |
OpenSSOApplicationPrivilegeManager.hasPrivilege(Privilege p,
ApplicationPrivilege.Action action) |
boolean |
OpenSSOApplicationPrivilegeManager.hasPrivilege(ReferralPrivilege p,
ApplicationPrivilege.Action action) |
boolean |
OpenSSOIndexStore.hasPrivilgesWithApplication(String realm,
String applName) |
boolean |
DataStore.hasPrivilgesWithApplication(Subject adminSubject,
String realm,
String applName) |
void |
PolicyPrivilegeManager.modify(Privilege privilege)
Modify a privilege.
|
void |
PolicyPrivilegeManager.modify(String existingName,
Privilege privilege)
Modify a privilege.
|
protected void |
PolicyPrivilegeManager.notifyPrivilegeChanged(String realm,
Privilege previous,
Privilege current,
PolicyEventType eventType) |
static Set<IPrivilege> |
PrivilegeUtils.policyObjectToPrivileges(Object policy) |
static Set<IPrivilege> |
PrivilegeUtils.policyToPrivileges(Object policyObject)
Maps an OpenAM Policy to entitlement Privilege
|
static void |
PrivilegeUtils.policyToPrivileges(Policy policy,
Set<IPrivilege> privileges) |
static String |
PrivilegeUtils.policyToXML(Object policy) |
static Policy |
PrivilegeUtils.privilegeToPolicy(String realm,
Privilege privilege) |
static Object |
PrivilegeUtils.privilegeToPolicyObject(String realm,
Privilege privilege) |
static Policy |
PrivilegeUtils.referralPrivilegeToPolicy(String realm,
ReferralPrivilege referralPrivilege) |
void |
PolicyPrivilegeManager.remove(String name)
Remove a privilege.
|
void |
DataStore.remove(Subject adminSubject,
String realm,
String name)
Removes privilege.
|
void |
EntitlementService.removeApplication(String name)
Removes application.
|
void |
EntitlementService.removeApplicationType(String name)
Removes application type.
|
boolean |
OpenSSOEntitlementListener.removeListener(Subject adminSubject,
String url) |
void |
OpenSSOApplicationPrivilegeManager.removePrivilege(String name) |
void |
OpenSSOPolicyDataStore.removePrivilege(Subject subject,
String realm,
Privilege privilege) |
void |
OpenSSOPolicyDataStore.removeReferral(Subject subject,
String realm,
ReferralPrivilege referral) |
void |
DataStore.removeReferral(Subject adminSubject,
String realm,
String name)
Removes referral privilege.
|
void |
OpenSSOApplicationPrivilegeManager.replacePrivilege(ApplicationPrivilege appPrivilege) |
Iterator<IPrivilege> |
OpenSSOIndexStore.search(String realm,
ResourceSearchIndexes indexes,
Set<String> subjectIndexes,
boolean bSubTree)
Returns an iterator of matching privilege objects.
|
Iterator<IPrivilege> |
OpenSSOIndexStore.search(String realm,
ResourceSearchIndexes indexes,
Set<String> subjectIndexes,
boolean bSubTree,
boolean bReferral)
Search for policies.
|
Set<IPrivilege> |
DataStore.search(Subject adminSubject,
String realm,
BufferedIterator iterator,
ResourceSearchIndexes indexes,
Set<String> subjectIndexes,
boolean bSubTree,
Set<String> excludeDNs)
Returns a set of privilege that satifies the resource and subject
indexes.
|
Set<String> |
DataStore.search(Subject adminSubject,
String realm,
String filter,
int numOfEntries,
boolean sortResults,
boolean ascendingOrder)
Returns a set of privilege names that satifies a search filter.
|
Set<Application> |
EntitlementService.searchApplications(Subject subject,
org.forgerock.util.query.QueryFilter<String> queryFilter) |
Set<String> |
OpenSSOIndexStore.searchPrivilegeNames(Set<SearchFilter> filters,
boolean boolAnd,
int numOfEntries,
boolean sortResults,
boolean ascendingOrder)
Returns a set of privilege names that satifies a search filter.
|
Set<ReferralPrivilege> |
DataStore.searchReferral(SSOToken adminToken,
String realm,
BufferedIterator iterator,
ResourceSearchIndexes indexes,
boolean bSubTree,
Set<String> excludeDNs)
Returns a set of referral privilege that satifies the resource and
subject indexes.
|
Set<String> |
DataStore.searchReferral(Subject adminSubject,
String realm,
String filter,
int numOfEntries,
boolean sortResults,
boolean ascendingOrder)
Returns a set of referral privilege names that satifies a search filter.
|
Set<String> |
OpenSSOIndexStore.searchReferralPrivilegeNames(Set<SearchFilter> filters,
boolean boolAnd,
int numOfEntries,
boolean sortResults,
boolean ascendingOrder)
Returns a set of referral privilege names that satifies a search filter.
|
Set<String> |
OpenSSOIndexStore.searchReferralPrivilegeNames(Set<SearchFilter> filters,
Subject adminSubject,
String currentRealm,
boolean boolAnd,
int numOfEntries,
boolean sortResults,
boolean ascendingOrder)
Returns a set of referral privilege names that matched a set of search
criteria.
|
Set<ReferralPrivilege> |
DataStore.searchReferrals(SSOToken adminToken,
String realm,
String filter) |
void |
EntitlementService.setSubjectAttributesCollectorConfiguration(String name,
Map<String,Set<String>> attrMap)
Sets subject attributes collector configuration.
|
void |
EntitlementService.storeApplication(Application appl)
Stores the application to data store.
|
void |
EntitlementService.storeApplicationType(ApplicationType applicationType)
Stores the application type to data store.
|
void |
PolicyCondition.validate() |
| Constructor and Description |
|---|
OpenSSOApplicationPrivilegeManager(String realm,
Subject caller,
ResourceTypeService resourceTypeService) |
| Modifier and Type | Method and Description |
|---|---|
Set<ResourceAttribute> |
XACMLSchemaFactory.adviceExpressionsToResourceAttributes(AdviceExpressions adviceExpressions)
Convert the specified
AdviceExpressions object into a set of
ResourceAttribute objects. |
ResourceAttribute |
XACMLSchemaFactory.adviceExpressionToResourceAttribute(AdviceExpression adviceExpression)
Convert the specified
AdviceExpression object into a
ResourceAttribute. |
PolicySet |
XACMLExportImport.exportXACML(String realm,
Subject admin,
List<String> filters)
Performs an export of all Policies found in the Privilege Manager that match the
provided filters.
|
ResourceAttribute |
ResourceAttributeUtil.fromJSON(String json)
Convert the JSON text into a
ResourceAttribute. |
PrivilegeSet |
XACMLReaderWriter.fromXACML(PolicySet policySet)
Translate provided XACML PolicySet into OpenAM Privileges, ReferralPrivileges, Applications and ResourceTypes.
|
static EntitlementCondition |
XACMLPrivilegeUtils.getEntitlementConditionFromPolicy(Policy policy)
Constructs EntitlementCondition from the policy.
|
SearchFilter |
SearchFilterFactory.getFilter(String filter)
Returns a SearchFilter that matches the search string provided.
|
List<ImportStep> |
XACMLExportImport.importXacml(String realm,
InputStream xacml,
Subject admin,
boolean dryRun)
Performs the Import based on the given Stream.
|
static Set<Privilege> |
XACMLPrivilegeUtils.policySetToPrivileges(PolicySet policySet) |
static Privilege |
XACMLPrivilegeUtils.policyToPrivilege(Policy policy) |
static ReferralPrivilege |
XACMLPrivilegeUtils.policyToReferral(Policy policy) |
PrivilegeSet |
XACMLReaderWriter.read(InputStream xacml)
Reads a sequence of XACML policies as OpenAM Privileges.
|
AdviceExpressions |
XACMLSchemaFactory.resourceAttributesToAdviceExpressions(Set<ResourceAttribute> resourceAttributes)
Convert a set of
ResourceAttribute objects to a single
AdviceExpression object. |
AdviceExpression |
XACMLSchemaFactory.resourceAttributeToAdviceExpression(ResourceAttribute resourceAttribute)
Convert one
ResourceAttribute object into an
AdviceExpression object. |
String |
ResourceAttributeUtil.toJSON(ResourceAttribute attribute)
Convert a
Privilege ResourceAttribute into JSON representation. |
PolicySet |
XACMLReaderWriter.toXACML(String realm,
PrivilegeSet privilegeSet)
Translate provided OpenAM Privilege and ReferralPrivilege objects into XACML PolicySet.
|
static String |
XACMLPrivilegeUtils.toXML(PolicySet policySet) |
static void |
XACMLPrivilegeUtils.validate(Privilege privilege,
PrivilegeValidator privilegeValidator)
Validates the privilege instance.
|
static void |
XACMLPrivilegeUtils.writeXMLToStream(PolicySet policySet,
OutputStream outputStream) |
| Modifier and Type | Method and Description |
|---|---|
void |
PrivilegeValidator.validatePrivilege(Privilege privilege)
Apply validation logic to a Privilege.
|
void |
RealmValidator.validateRealms(Collection<String> realms) |
void |
PrivilegeValidator.validateReferralPrivilege(ReferralPrivilege referralPrivilege)
Apply validation logic to a
ReferralPrivilege. |
| Modifier and Type | Method and Description |
|---|---|
boolean |
PolicyManager.canCreatePolicies(Set<String> services)
Deprecated.
|
| Modifier and Type | Method and Description |
|---|---|
protected javax.ws.rs.WebApplicationException |
ResourceBase.getWebApplicationException(javax.ws.rs.core.HttpHeaders headers,
EntitlementException e,
ResourceBase.MimeType mimeType) |
| Modifier and Type | Method and Description |
|---|---|
ConditionDecision |
CachingEntitlementCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
First checks whether the backing condition has been evaluated already, if no, then evaluates the condition once
and saves the result in the
PrivilegeEvaluatorContext.conditionDecisionCache. |
void |
CachingEntitlementCondition.validate() |
| Modifier and Type | Method and Description |
|---|---|
ConditionDecision |
SessionCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> env)
Returns condition decision.
|
ConditionDecision |
AuthenticateToRealmCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> env)
Returns condition decision.
|
ConditionDecision |
SessionPropertyCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> env)
Returns condition decision.
|
ConditionDecision |
SimpleTimeCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> env)
Returns condition decision.
|
ConditionDecision |
ScriptCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> environment) |
ConditionDecision |
AuthSchemeCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> env)
Returns condition decision.
|
ConditionDecision |
AMIdentityMembershipCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> env) |
ConditionDecision |
LDAPFilterCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> env)
Returns condition decision.
|
ConditionDecision |
ResourceEnvIPCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> env)
Returns condition decision.
|
ConditionDecision |
OAuth2ScopeCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> env)
Returns condition decision.
|
ConditionDecision |
AuthenticateToServiceCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> env)
Returns condition decision.
|
ConditionDecision |
AuthLevelCondition.evaluate(String realm,
Subject subject,
String resourceName,
Map<String,Set<String>> env)
Returns condition decision.
|
Set<String> |
EntitlementCoreWrapper.getAuthenticatedSchemes(SSOToken token)
Returns the set of all authenticated Scheme names.
|
Set<String> |
EntitlementCoreWrapper.getRealmQualifiedAuthenticatedSchemes(SSOToken token)
Returns the set of all authenticated realm qualified scheme names.
|
void |
LDAPFilterCondition.setLdapFilter(String ldapFilter) |
protected com.googlecode.ipv6.IPv6Address |
IPv6Condition.stringToIp(String ip)
Factory method for constructing an IP value from its String representation.
|
protected Long |
IPv4Condition.stringToIp(String ip)
Factory method for constructing an IP value from its String representation.
|
void |
SessionCondition.validate() |
void |
AuthenticateToRealmCondition.validate() |
void |
SessionPropertyCondition.validate() |
void |
SimpleTimeCondition.validate() |
void |
ScriptCondition.validate() |
void |
AuthSchemeCondition.validate() |
void |
AMIdentityMembershipCondition.validate() |
void |
LDAPFilterCondition.validate() |
void |
ResourceEnvIPCondition.validate() |
void |
OAuth2ScopeCondition.validate() |
void |
AuthenticateToServiceCondition.validate() |
void |
AuthLevelCondition.validate() |
| Constructor and Description |
|---|
IPv4Condition(String startIp,
String endIp,
List<String> ipRange,
List<String> dnsName)
JSON deserialization constructor used to ensure fields are set in an order
that allows inter-field validation to pass.
|
IPv6Condition(String startIp,
String endIp,
List<String> ipRange,
List<String> dnsName)
JSON deserialization constructor used to ensure fields are set in an order
that allows inter-field validation to pass.
|
| Modifier and Type | Method and Description |
|---|---|
SubjectDecision |
AuthenticatedUsers.evaluate(String realm,
SubjectAttributesManager mgr,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Returns
SubjectDecision of EntitlementSubject evaluation. |
SubjectDecision |
IdentitySubject.evaluate(String realm,
SubjectAttributesManager mgr,
Subject subject,
String resourceName,
Map<String,Set<String>> environment)
Returns
SubjectDecision of EntitlementSubject evaluation. |
| Modifier and Type | Method and Description |
|---|---|
boolean |
ResourceTypeConfiguration.containsName(Subject subject,
String realm,
String name)
Check to see if a resource type with the given name already exists in this realm.
|
boolean |
ResourceTypeConfigurationImpl.containsName(Subject subject,
String realm,
String name)
Check to see if a resource type with the given name already exists in this realm.
|
boolean |
ResourceTypeConfiguration.containsUUID(Subject subject,
String realm,
String uuid)
Check to see if a resource type with the given UUID already exists in this realm.
|
boolean |
ResourceTypeConfigurationImpl.containsUUID(Subject subject,
String realm,
String uuid)
Check to see if a resource type with the given UUID already exists in this realm.
|
ResourceType |
ResourceTypeConfiguration.getResourceType(Subject subject,
String realm,
String uuid)
Retrieve a registered resource type by id.
|
ResourceType |
ResourceTypeConfigurationImpl.getResourceType(Subject subject,
String realm,
String uuid)
Retrieve a registered resource type by id.
|
Set<ResourceType> |
ResourceTypeConfiguration.getResourceTypes(org.forgerock.util.query.QueryFilter<SmsAttribute> filter,
Subject subject,
String realm)
Retrieves a set of resource types based on the passed query filter.
|
Set<ResourceType> |
ResourceTypeConfigurationImpl.getResourceTypes(org.forgerock.util.query.QueryFilter<SmsAttribute> queryFilter,
Subject subject,
String realm) |
Map<String,Map<String,Set<String>>> |
ResourceTypeConfiguration.getResourceTypesData(Subject subject,
String realm)
Retrieve the resource types stored under the specified realm from the data store.
|
Map<String,Map<String,Set<String>>> |
ResourceTypeConfigurationImpl.getResourceTypesData(Subject subject,
String realm) |
void |
ResourceTypeConfiguration.removeResourceType(Subject subject,
String realm,
String uuid)
Remove a resource type.
|
void |
ResourceTypeConfigurationImpl.removeResourceType(Subject subject,
String realm,
String uuid)
Remove a resource type.
|
void |
ResourceTypeConfiguration.storeResourceType(Subject subject,
String realm,
ResourceType resourceType)
Stores the resource type to the data store.
|
void |
ResourceTypeConfigurationImpl.storeResourceType(Subject subject,
String realm,
ResourceType resourceType)
Stores the resource type to the data store.
|
| Modifier and Type | Class and Description |
|---|---|
class |
ConstraintFailureException
Exception to report constraint validation failures.
|
| Modifier and Type | Method and Description |
|---|---|
ResourceSearchIndexes |
TreeSearchIndex.getIndexes(String resource,
String realm) |
ResourceSearchIndexes |
TreeSearchIndexDelegate.getIndexes(String resource,
String realm) |
Set<String> |
IndexTreeService.searchTree(String resource,
String realm)
Given a resource searches the tree for all matching index rules with the specified realm.
|
Set<String> |
IndexTreeServiceImpl.searchTree(String resource,
String realm)
Given a resource searches the tree for all matching index rules with the specified realm.
|
| Modifier and Type | Method and Description |
|---|---|
org.forgerock.json.resource.ResourceException |
EntitlementsExceptionMappingHandler.handleError(org.forgerock.services.context.Context context,
org.forgerock.json.resource.Request request,
EntitlementException error)
Constructs an appropriate
ResourceException for the given request and entitlements exception. |
org.forgerock.json.resource.ResourceException |
EntitlementsExceptionMappingHandler.handleError(org.forgerock.services.context.Context context,
String msg,
org.forgerock.json.resource.Request request,
EntitlementException error)
Constructs an appropriate
ResourceException for the given request and entitlements exception. |
org.forgerock.json.resource.ResourceException |
EntitlementsExceptionMappingHandler.handleError(EntitlementException error) |
org.forgerock.json.resource.ResourceException |
EntitlementsExceptionMappingHandler.handleError(org.forgerock.json.resource.Request request,
EntitlementException error) |
org.forgerock.json.resource.ResourceException |
EntitlementsExceptionMappingHandler.handleError(String msg,
org.forgerock.json.resource.Request request,
EntitlementException error)
Constructs an appropriate
ResourceException for the given request and entitlements exception. |
| Modifier and Type | Method and Description |
|---|---|
PolicyRequest |
PolicyRequestFactory.buildRequest(PolicyAction action,
org.forgerock.services.context.Context context,
org.forgerock.json.resource.ActionRequest request)
Builds a request for the given action type.
|
Privilege |
PolicyStore.create(Privilege policy)
Creates the given policy in the underlying store.
|
protected ApplicationWrapper |
ApplicationsResource.createApplicationWrapper(org.forgerock.json.JsonValue jsonValue)
Abstracts out the createApplicationWrapper method so that we can easily test this class.
|
protected ApplicationWrapper |
ApplicationsResource.createApplicationWrapper(org.forgerock.json.JsonValue jsonValue,
Subject mySubject)
Creates an
ApplicationWrapper to hold the Application object, after having deserialized it
via Jackson. |
void |
PolicyStore.delete(String policyName)
Deletes the given policy from the policy store.
|
List<Entitlement> |
PolicyEvaluator.evaluateBatch(BatchPolicyRequest request)
Given a batch policy request, provides a set of policy
decisions that correspond to each resource definition.
|
List<Entitlement> |
PolicyEvaluator.evaluateTree(TreePolicyRequest request)
Given a tree policy request, provides a set of policy decisions for each
defined policy that matches the single resource definition and below.
|
PolicyEvaluator |
PolicyEvaluatorFactory.getEvaluator(Subject subject,
String application)
Given the subject looking to request policy decisions within an
application context, retrieve the relevant policy evaluator.
|
PolicyEvaluator |
EntitlementEvaluatorFactory.getEvaluator(Subject subject,
String application) |
PolicyStore |
PolicyStoreProvider.getPolicyStore(org.forgerock.services.context.Context context)
Gets a policy store for the given realm.
|
PolicyStore |
PolicyStoreProvider.getPolicyStore(Subject adminSubject,
String realm)
Gets a policy store for the given realm.
|
Privilege |
PolicyParser.parsePolicy(String id,
org.forgerock.json.JsonValue representation)
Parses the given JSON policy representation into an entitlements policy (privilege).
|
Privilege |
JsonPolicyParser.parsePolicy(String name,
org.forgerock.json.JsonValue json) |
org.forgerock.json.JsonValue |
PolicyParser.printEntitlement(Entitlement entitlement)
Converts an entitlement decision into JSON.
|
org.forgerock.json.JsonValue |
JsonPolicyParser.printEntitlement(Entitlement entitlement) |
org.forgerock.json.JsonValue |
PolicyParser.printEntitlements(List<Entitlement> entitlements)
Converts a list of policy decisions to a json representation.
|
org.forgerock.json.JsonValue |
JsonPolicyParser.printEntitlements(List<Entitlement> entitlements) |
org.forgerock.json.JsonValue |
PolicyParser.printPolicy(Privilege policy)
Converts an entitlements policy back to the JSON serialisation representation.
|
org.forgerock.json.JsonValue |
JsonPolicyParser.printPolicy(Privilege policy) |
List<Privilege> |
PolicyStore.query(org.forgerock.json.resource.QueryRequest request)
Queries the store for a set of policies that match the given query.
|
Privilege |
PolicyStore.read(String policyName)
Reads the given named policy from the policy store.
|
List<Entitlement> |
PolicyEvaluator.routePolicyRequest(PolicyRequest request)
Given a generic policy request, routes the request to the appropriate evaluation method.
|
void |
ApplicationV1FilterTransformer.transformJson(org.forgerock.json.JsonValue jsonValue,
Subject callingSubject,
String realm)
Given the json representation of an application swaps out the resource type UUIDs for a set of actions and
resources that is the union of actions and resources represented by the associated resource types.
|
Privilege |
PolicyStore.update(String existingName,
Privilege policy)
Updates the given policy to match the new definition.
|
| Constructor and Description |
|---|
ApplicationsResource(Debug debug,
ApplicationServiceFactory applicationServiceFactory,
ApplicationTypeManagerWrapper appTypeManagerWrapper,
ExceptionMappingHandler<EntitlementException,org.forgerock.json.resource.ResourceException> exceptionMappingHandler) |
ApplicationV1Filter(ResourceTypeService resourceTypeService,
ApplicationServiceFactory applicationServiceFactory,
ExceptionMappingHandler<EntitlementException,org.forgerock.json.resource.ResourceException> resourceErrorHandler,
ContextHelper contextHelper,
ApplicationV1FilterTransformer applicationTransformer,
Debug debug) |
ApplicationV1FilterTransformer(ContextHelper contextHelper,
ResourceTypeService resourceTypeService,
ExceptionMappingHandler<EntitlementException,org.forgerock.json.resource.ResourceException> resourceErrorHandler) |
PolicyResource(PolicyEvaluatorFactory factory,
PolicyRequestFactory requestFactory,
PolicyParser parser,
PolicyStoreProvider provider,
ExceptionMappingHandler<EntitlementException,org.forgerock.json.resource.ResourceException> handler) |
PolicyV1Filter(ApplicationServiceFactory applicationServiceFactory,
ExceptionMappingHandler<EntitlementException,org.forgerock.json.resource.ResourceException> resourceErrorHandler,
ContextHelper contextHelper,
Debug debug) |
ResourceTypesResource(Debug logger,
ExceptionMappingHandler<EntitlementException,org.forgerock.json.resource.ResourceException> exceptionMappingHandler,
ResourceTypeService resourceTypeService)
Guiced-constructor.
|
| Modifier and Type | Method and Description |
|---|---|
List<Entitlement> |
TreePolicyRequest.dispatch(PolicyEvaluator evaluator) |
List<Entitlement> |
BatchPolicyRequest.dispatch(PolicyEvaluator evaluator) |
abstract List<Entitlement> |
PolicyRequest.dispatch(PolicyEvaluator evaluator)
Given the policy evaluator dispatch oneself as one knows best.
|
static BatchPolicyRequest |
BatchPolicyRequest.getBatchPolicyRequest(org.forgerock.services.context.Context context,
org.forgerock.json.resource.ActionRequest request,
SSOTokenManager tokenManager)
Gets a batch policy request based on the context and action request.
|
static TreePolicyRequest |
TreePolicyRequest.getTreePolicyRequest(org.forgerock.services.context.Context context,
org.forgerock.json.resource.ActionRequest request,
SSOTokenManager tokenManager)
Gets a tree policy request based on the context and action request.
|
void |
JsonPolicy.setEntitlement(JsonEntitlementPattern jsonEntitlement)
Sets the entitlement pattern used to determine which resources and actions this policy is applicable to.
|
void |
JsonPolicy.setName(String name)
Set the policy name.
|
void |
JsonPolicy.setSubject(EntitlementSubject subject)
Sets the subject to use for this policy.
|
| Constructor and Description |
|---|
JsonPolicy()
Default constructor for Jackson to use.
|
JsonPolicy(Privilege privilege)
Constructs a JSON wrapper policy using the given privilege object as the underlying policy implementation.
|
| Modifier and Type | Method and Description |
|---|---|
void |
ReferralWrapper.setRealms(Set<String> realms) |
void |
ReferralWrapper.setResources(Map<String,Set<String>> resourceMap) |
org.forgerock.json.JsonValue |
ApplicationWrapper.toJsonValue() |
org.forgerock.json.JsonValue |
JsonResourceType.toJsonValue()
Focus of this class.
|
| Modifier and Type | Method and Description |
|---|---|
boolean |
ResourceTypeService.contains(Subject subject,
String realm,
String id)
Determines whether the resource type Id represents a valid and present resource type.
|
boolean |
ResourceTypeServiceImpl.contains(Subject subject,
String realm,
String id) |
void |
ApplicationService.deleteApplication(String name)
Removes application in the realm.
|
void |
ApplicationServiceImpl.deleteApplication(String name) |
void |
ResourceTypeService.deleteResourceType(Subject subject,
String realm,
String uuid)
Delete the resource type with the given UUID stored under the given realm from the data store.
|
void |
ResourceTypeServiceImpl.deleteResourceType(Subject subject,
String realm,
String uuid)
Delete the resource type with the given UUID stored under the given realm from the data store.
|
Application |
ApplicationService.getApplication(String applicationName)
Retrieves an application instance for the passed name.
|
Application |
ApplicationServiceImpl.getApplication(String name) |
Set<String> |
ApplicationService.getApplicationNames()
Returns all the application names in a realm.
|
Set<String> |
ApplicationServiceImpl.getApplicationNames() |
Set<Application> |
ApplicationService.getApplications()
Returns all the applications in a realm.
|
Set<Application> |
ApplicationServiceImpl.getApplications() |
Set<String> |
ApplicationService.getReferredResources(String applicationTypeName)
Returns referred resources for a realm.
|
Set<String> |
ApplicationServiceImpl.getReferredResources(String applicationTypeName) |
ResourceType |
ResourceTypeService.getResourceType(Subject subject,
String realm,
String uuid)
Retrieve the resource type with the given UUID, stored under the specified realm.
|
ResourceType |
ResourceTypeServiceImpl.getResourceType(Subject subject,
String realm,
String uuid)
Retrieve the resource type with the given UUID, stored under the specified realm.
|
Set<ResourceType> |
ResourceTypeService.getResourceTypes(org.forgerock.util.query.QueryFilter<SmsAttribute> filter,
Subject subject,
String realm)
Retrieves a set of resource types based on the passed query filter.
|
Set<ResourceType> |
ResourceTypeServiceImpl.getResourceTypes(org.forgerock.util.query.QueryFilter<SmsAttribute> filter,
Subject subject,
String realm) |
Map<String,Map<String,Set<String>>> |
ResourceTypeService.getResourceTypesData(Subject subject,
String realm)
Retrieve the resource types stored under the specified realm from the data store.
|
Map<String,Map<String,Set<String>>> |
ResourceTypeServiceImpl.getResourceTypesData(Subject subject,
String realm) |
Application |
ApplicationService.saveApplication(Application application)
Saves application data.
|
Application |
ApplicationServiceImpl.saveApplication(Application application) |
ResourceType |
ResourceTypeService.saveResourceType(Subject subject,
String realm,
ResourceType resourceType)
Save the ResourceType in the data store under the resource type's realm.
|
ResourceType |
ResourceTypeServiceImpl.saveResourceType(Subject subject,
String realm,
ResourceType resourceType)
Save the ResourceType in the data store under the resource type's realm.
|
Set<Application> |
ApplicationService.search(org.forgerock.util.query.QueryFilter<String> queryFilter)
Returns the applications that matches the search criteria.
|
Set<Application> |
ApplicationServiceImpl.search(org.forgerock.util.query.QueryFilter<String> queryFilter) |
ResourceType |
ResourceTypeService.updateResourceType(Subject subject,
String realm,
ResourceType resourceType)
Update the given resource type.
|
ResourceType |
ResourceTypeServiceImpl.updateResourceType(Subject subject,
String realm,
ResourceType resourceType)
Update the given resource type.
|
| Modifier and Type | Method and Description |
|---|---|
static Application |
EntitlementUtils.createApplication(ApplicationType applicationType,
String name,
Map<String,Set<String>> data)
Constructs an
Application object based on the provided information. |
static Application |
EntitlementUtils.newApplication(String name,
ApplicationType applicationType)
Creates an application.
|
| Modifier and Type | Method and Description |
|---|---|
Evaluator |
UmaProviderSettings.getPolicyEvaluator(Subject subject) |
Evaluator |
UmaProviderSettings.getPolicyEvaluator(Subject subject,
String clientId) |
org.restlet.representation.Representation |
AuthorizationRequestEndpoint.requestAuthorization(org.restlet.ext.json.JsonRepresentation entity) |
| Modifier and Type | Method and Description |
|---|---|
Evaluator |
UmaPolicyEvaluatorFactory.getEvaluator(Subject subject,
String application)
Given the subject looking to request policy decisions within an
application context, retrieve the relevant policy evaluator.
|
| Constructor and Description |
|---|
UmaResourceSetRegistrationHook(ResourceTypeService resourceTypeService,
ApplicationServiceFactory applicationServiceFactory,
UmaPolicyService policyService,
SessionCache sessionCache)
Creates a new UmaResourceSetRegistrationHook instance.
|
| Modifier and Type | Method and Description |
|---|---|
void |
PersistableImportStep.apply()
Contents of this import step will be applied to the data store.
|
void |
ImportStepGenerator.generateImportSteps()
Generates Import Steps for Application, ResourceType and Privilege.
|
static Set<ResourceType> |
XACMLResourceTypeUtils.getAllResourceTypes(ResourceTypeService resourceTypeService,
Subject subject,
String realm)
Gets all resource types using the resource type service instance.
|
ApplicationType |
XACMLApplicationUtils.ApplicationTypeService.getApplicationType(Subject subject,
String applicationName)
Get the application type already present in the system.
|
static Application |
XACMLApplicationUtils.policyToApplication(Policy policy)
Creates an Application instance from the attributes of the Policy instance.
|
Copyright © 2010–2025 Open Identity Platform Community. All rights reserved.