Class EntitlementService
- java.lang.Object
-
- com.sun.identity.entitlement.opensso.EntitlementService
-
- All Implemented Interfaces:
EntitlementConfiguration
public class EntitlementService extends Object implements EntitlementConfiguration
-
-
Field Summary
Fields Modifier and Type Field Description static StringAPPLICATION_CLASSNAMEstatic StringATTR_NAME_METAstatic StringATTR_NAME_SUBJECT_ATTR_NAMESstatic StringCONFIG_CONDITIONSstatic StringCONFIG_ENTITLEMENT_COMBINERstatic StringCONFIG_RESOURCE_COMP_IMPLstatic StringCONFIG_SAVE_INDEX_IMPLstatic StringCONFIG_SEARCH_INDEX_IMPLstatic StringCONFIG_SUBJECTSstatic StringSERVICE_NAMEEntitlement Service name.-
Fields inherited from interface com.sun.identity.entitlement.EntitlementConfiguration
INDEX_CACHE_SIZE, POLICY_CACHE_SIZE, POLICY_EVAL_THREAD_SIZE, POLICY_SEARCH_THREAD_SIZE
-
-
Constructor Summary
Constructors Constructor Description EntitlementService(Subject subject, String realm, NotificationBroker broker)Construct a new instance ofEntitlementService.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description voidaddSubjectAttributeNames(String applicationName, Set<String> names)Returns subject attribute names.ApplicationgetApplication(String name)Returns the application with the specified name.Set<Application>getApplications()Returns a set of registered applications.Set<ApplicationType>getApplicationTypes()Returns a set of registered application type.Set<String>getConfiguration(String attrName)Returns set of attribute values of a given attribute name,static intgetConfiguration(String attrName, int defaultValue)intgetPolicyWindowSize()Informs us of the size of the policy window set in the configurable options.Set<String>getSubjectAttributeNames(String application)Returns subject attribute names.Map<String,Set<String>>getSubjectAttributesCollectorConfiguration(String name)Returns subject attributes collector configuration.booleanhasEntitlementDITs()Returnstrueif OpenAM policy data is migrated to a form that entitlements service can operates on them.booleanisMonitoringRunning()Whether the overall monitoring framework is enabled and running.booleannetworkMonitorEnabled()Returnstrueif the network monitoring for entitlements is enabledvoidreindexApplications()Reindex Applications.voidremoveApplication(String name)Removes application.voidremoveApplicationType(String name)Removes application type.Set<Application>searchApplications(Subject subject, org.forgerock.util.query.QueryFilter<String> queryFilter)Returns a set of applications for the given search criteria.voidsetNetworkMonitorEnabled(boolean enabled)Allows the network monitoring to be enabled/disabledvoidsetSubjectAttributesCollectorConfiguration(String name, Map<String,Set<String>> attrMap)Sets subject attributes collector configuration.voidstoreApplication(Application appl)Stores the application to data store.voidstoreApplicationType(ApplicationType applicationType)Stores the application type to data store.booleanxacmlPrivilegeEnabled()Returnstrueif the system stores privileges in XACML format and supports exporting privileges in XACML format
-
-
-
Field Detail
-
SERVICE_NAME
public static final String SERVICE_NAME
Entitlement Service name.- See Also:
- Constant Field Values
-
ATTR_NAME_SUBJECT_ATTR_NAMES
public static final String ATTR_NAME_SUBJECT_ATTR_NAMES
- See Also:
- Constant Field Values
-
ATTR_NAME_META
public static final String ATTR_NAME_META
- See Also:
- Constant Field Values
-
CONFIG_CONDITIONS
public static final String CONFIG_CONDITIONS
- See Also:
- Constant Field Values
-
CONFIG_SUBJECTS
public static final String CONFIG_SUBJECTS
- See Also:
- Constant Field Values
-
CONFIG_ENTITLEMENT_COMBINER
public static final String CONFIG_ENTITLEMENT_COMBINER
- See Also:
- Constant Field Values
-
CONFIG_SEARCH_INDEX_IMPL
public static final String CONFIG_SEARCH_INDEX_IMPL
- See Also:
- Constant Field Values
-
CONFIG_SAVE_INDEX_IMPL
public static final String CONFIG_SAVE_INDEX_IMPL
- See Also:
- Constant Field Values
-
CONFIG_RESOURCE_COMP_IMPL
public static final String CONFIG_RESOURCE_COMP_IMPL
- See Also:
- Constant Field Values
-
APPLICATION_CLASSNAME
public static final String APPLICATION_CLASSNAME
- See Also:
- Constant Field Values
-
-
Constructor Detail
-
EntitlementService
@Inject public EntitlementService(Subject subject, String realm, NotificationBroker broker)
Construct a new instance ofEntitlementService.- Parameters:
subject- the calling subjectrealm- the realmbroker- the notification broker for notifying the policyset changes
-
-
Method Detail
-
getConfiguration
public Set<String> getConfiguration(String attrName)
Returns set of attribute values of a given attribute name,- Specified by:
getConfigurationin interfaceEntitlementConfiguration- Parameters:
attrName- attribute name.- Returns:
- set of attribute values of a given attribute name,
-
getConfiguration
public static int getConfiguration(String attrName, int defaultValue)
-
getApplicationTypes
public Set<ApplicationType> getApplicationTypes()
Returns a set of registered application type.- Specified by:
getApplicationTypesin interfaceEntitlementConfiguration- Returns:
- A set of registered application type.
-
searchApplications
public Set<Application> searchApplications(Subject subject, org.forgerock.util.query.QueryFilter<String> queryFilter) throws EntitlementException
Description copied from interface:EntitlementConfigurationReturns a set of applications for the given search criteria.- Specified by:
searchApplicationsin interfaceEntitlementConfiguration- Parameters:
subject- Admin SubjectqueryFilter- Query filter.- Returns:
- a set of applications for the given search criteria.
- Throws:
EntitlementException- if search failed.
-
getApplication
public Application getApplication(String name)
Description copied from interface:EntitlementConfigurationReturns the application with the specified name.- Specified by:
getApplicationin interfaceEntitlementConfiguration- Returns:
- The application or null if the application could not be found.
-
getApplications
public Set<Application> getApplications()
Returns a set of registered applications.- Specified by:
getApplicationsin interfaceEntitlementConfiguration- Returns:
- a set of registered applications.
-
addSubjectAttributeNames
public void addSubjectAttributeNames(String applicationName, Set<String> names) throws EntitlementException
Returns subject attribute names.- Specified by:
addSubjectAttributeNamesin interfaceEntitlementConfiguration- Parameters:
applicationName- Application name.names- subject attribute names.- Throws:
EntitlementException- if subject attribute names cannot be returned.
-
removeApplication
public void removeApplication(String name) throws EntitlementException
Removes application.- Specified by:
removeApplicationin interfaceEntitlementConfiguration- Parameters:
name- name of application to be removed.- Throws:
EntitlementException- if application cannot be removed.
-
removeApplicationType
public void removeApplicationType(String name) throws EntitlementException
Removes application type.- Specified by:
removeApplicationTypein interfaceEntitlementConfiguration- Parameters:
name- name of application type to be removed.- Throws:
EntitlementException- if application type cannot be removed.
-
storeApplication
public void storeApplication(Application appl) throws EntitlementException
Stores the application to data store.- Specified by:
storeApplicationin interfaceEntitlementConfiguration- Parameters:
appl- Application object.- Throws:
EntitlementException- if application cannot be stored.
-
storeApplicationType
public void storeApplicationType(ApplicationType applicationType) throws EntitlementException
Stores the application type to data store.- Specified by:
storeApplicationTypein interfaceEntitlementConfiguration- Parameters:
applicationType- Application type object.- Throws:
EntitlementException- if application type cannot be stored.
-
getSubjectAttributeNames
public Set<String> getSubjectAttributeNames(String application)
Returns subject attribute names.- Specified by:
getSubjectAttributeNamesin interfaceEntitlementConfiguration- Parameters:
application- Application name.- Returns:
- subject attribute names.
-
getSubjectAttributesCollectorConfiguration
public Map<String,Set<String>> getSubjectAttributesCollectorConfiguration(String name) throws EntitlementException
Returns subject attributes collector configuration.- Specified by:
getSubjectAttributesCollectorConfigurationin interfaceEntitlementConfiguration- Parameters:
name- subject attributes collector name- Returns:
- subject attributes collector configuration.
- Throws:
EntitlementException- if subject attributes collector configuration cannot be returned.
-
setSubjectAttributesCollectorConfiguration
public void setSubjectAttributesCollectorConfiguration(String name, Map<String,Set<String>> attrMap) throws EntitlementException
Sets subject attributes collector configuration.- Specified by:
setSubjectAttributesCollectorConfigurationin interfaceEntitlementConfiguration- Parameters:
name- subject attributes collector nameattrMap- subject attributes collector configuration map.- Throws:
EntitlementException- if subject attributes collector configuration cannot be set.
-
hasEntitlementDITs
public boolean hasEntitlementDITs()
Returnstrueif OpenAM policy data is migrated to a form that entitlements service can operates on them.- Specified by:
hasEntitlementDITsin interfaceEntitlementConfiguration- Returns:
trueif OpenAM policy data is migrated to a form that entitlements service can operates on them.
-
xacmlPrivilegeEnabled
public boolean xacmlPrivilegeEnabled()
Returnstrueif the system stores privileges in XACML format and supports exporting privileges in XACML format- Specified by:
xacmlPrivilegeEnabledin interfaceEntitlementConfiguration- Returns:
trueif the system stores privileges in XACML format and supports exporting privileges in XACML format
-
networkMonitorEnabled
public boolean networkMonitorEnabled()
Description copied from interface:EntitlementConfigurationReturnstrueif the network monitoring for entitlements is enabled- Specified by:
networkMonitorEnabledin interfaceEntitlementConfiguration- Returns:
trueif the network monitoring for entitlements is enabled.
-
setNetworkMonitorEnabled
public void setNetworkMonitorEnabled(boolean enabled)
Description copied from interface:EntitlementConfigurationAllows the network monitoring to be enabled/disabled- Specified by:
setNetworkMonitorEnabledin interfaceEntitlementConfiguration- Parameters:
enabled- Is the network monitoring enabled
-
reindexApplications
public void reindexApplications()
Description copied from interface:EntitlementConfigurationReindex Applications.- Specified by:
reindexApplicationsin interfaceEntitlementConfiguration
-
isMonitoringRunning
public boolean isMonitoringRunning()
Whether the overall monitoring framework is enabled and running.- Specified by:
isMonitoringRunningin interfaceEntitlementConfiguration- Returns:
- true if monitoring is enabled, false otherwise.
-
getPolicyWindowSize
public int getPolicyWindowSize()
Description copied from interface:EntitlementConfigurationInforms us of the size of the policy window set in the configurable options.- Specified by:
getPolicyWindowSizein interfaceEntitlementConfiguration- Returns:
- the value of the window size as configured.
-
-