com.sun.identity.entitlement.opensso

Class OpenSSOApplicationPrivilegeManager

java.lang.Object

com.sun.identity.entitlement.ApplicationPrivilegeManager

com.sun.identity.entitlement.opensso.OpenSSOApplicationPrivilegeManager

public class OpenSSOApplicationPrivilegeManager
extends ApplicationPrivilegeManager

Field Summary

Fields inherited from class com.sun.identity.entitlement.ApplicationPrivilegeManager

ACTION_DELEGATE, ACTION_MODIFY, ACTION_READ

Constructor Summary

Constructors

Constructor and Description
OpenSSOApplicationPrivilegeManager(String realm, Subject caller, ResourceTypeService resourceTypeService)

Method Summary

Modifier and Type	Method and Description
void	addPrivilege(ApplicationPrivilege appPrivilege) Adds a delegation privilege.
boolean	canCreateApplication(String realm) Returns true if subject can create application.
Set<String>	getApplications(ApplicationPrivilege.Action action) Returns application names for a given action.
Set<String>	getDelegatableResourceNames(String applicationName)
ApplicationPrivilege	getPrivilege(String name) Returns the application privilege object.
Set<String>	getResources(String applicationName, ApplicationPrivilege.Action action) Returns a set of resources for an application and an action.
boolean	hasPrivilege(Application app, ApplicationPrivilege.Action action)
boolean	hasPrivilege(Privilege p, ApplicationPrivilege.Action action) Returns true if the subject has permission to a privilege of a given action.
boolean	hasPrivilege(ReferralPrivilege p, ApplicationPrivilege.Action action) Returns true if the subject has permission to a referral privilege of a given action.
void	removePrivilege(String name) Removes a privilege.
void	replacePrivilege(ApplicationPrivilege appPrivilege) Replaces (or modifies) an existing privilege.
Set<String>	search(Set<SearchFilter> filters) Returns a set of privilege names that the administrator can delegate.

Methods inherited from class com.sun.identity.entitlement.ApplicationPrivilegeManager

getInstance

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OpenSSOApplicationPrivilegeManager

public OpenSSOApplicationPrivilegeManager(String realm,
                                          Subject caller,
                                          ResourceTypeService resourceTypeService)
                                   throws EntitlementException

Throws:

EntitlementException

Method Detail

getDelegatableResourceNames

public Set<String> getDelegatableResourceNames(String applicationName)

addPrivilege

public void addPrivilege(ApplicationPrivilege appPrivilege)
                  throws EntitlementException

Description copied from class: ApplicationPrivilegeManager

Adds a delegation privilege.

Specified by:

addPrivilege in class ApplicationPrivilegeManager

Parameters:

appPrivilege - Application Privilege to be added

Throws:

EntitlementException - if privilege cannot be added.

removePrivilege

public void removePrivilege(String name)
                     throws EntitlementException

Description copied from class: ApplicationPrivilegeManager

Removes a privilege.

Specified by:

removePrivilege in class ApplicationPrivilegeManager

Parameters:

name - Name of privilege to remove

Throws:

EntitlementException - if privilege cannot be removed.

replacePrivilege

public void replacePrivilege(ApplicationPrivilege appPrivilege)
                      throws EntitlementException

Description copied from class: ApplicationPrivilegeManager

Replaces (or modifies) an existing privilege.

Specified by:

replacePrivilege in class ApplicationPrivilegeManager

Parameters:

appPrivilege - New privilege.

Throws:

EntitlementException - if privilege cannot be replaced.

getPrivilege

public ApplicationPrivilege getPrivilege(String name)
                                  throws EntitlementException

Description copied from class: ApplicationPrivilegeManager

Returns the application privilege object.

Specified by:

getPrivilege in class ApplicationPrivilegeManager

Parameters:

name - Name of application privilege.

Returns:

the application privilege object.

Throws:

EntitlementException - if privilege cannot be returned.

search

public Set<String> search(Set<SearchFilter> filters)

Description copied from class: ApplicationPrivilegeManager

Returns a set of privilege names that the administrator can delegate.

Specified by:

search in class ApplicationPrivilegeManager

Parameters:

filters - Set of search filters.

Returns:

Set of privilege names that the administrator can delegate.

hasPrivilege

public boolean hasPrivilege(Privilege p,
                            ApplicationPrivilege.Action action)
                     throws EntitlementException

Description copied from class: ApplicationPrivilegeManager

Returns true if the subject has permission to a privilege of a given action.

Specified by:

hasPrivilege in class ApplicationPrivilegeManager

Parameters:

p - Privilege.

action - Privilege action.

Returns:

true if the subject has permission to a privilege of a given action.

Throws:

EntitlementException

hasPrivilege

public boolean hasPrivilege(ReferralPrivilege p,
                            ApplicationPrivilege.Action action)
                     throws EntitlementException

Description copied from class: ApplicationPrivilegeManager

Returns true if the subject has permission to a referral privilege of a given action.

Specified by:

hasPrivilege in class ApplicationPrivilegeManager

Parameters:

p - Referral Privilege.

action - Privilege action.

Returns:

true if the subject has permission to a referral privilege of a given action.

Throws:

EntitlementException

hasPrivilege

public boolean hasPrivilege(Application app,
                            ApplicationPrivilege.Action action)
                     throws EntitlementException

Specified by:

hasPrivilege in class ApplicationPrivilegeManager

Throws:

EntitlementException

getResources

public Set<String> getResources(String applicationName,
                                ApplicationPrivilege.Action action)

Description copied from class: ApplicationPrivilegeManager

Returns a set of resources for an application and an action.

Specified by:

getResources in class ApplicationPrivilegeManager

Parameters:

applicationName - Application name.

action - Privilege action.

Returns:

set of resources for an application and an action.

getApplications

public Set<String> getApplications(ApplicationPrivilege.Action action)

Description copied from class: ApplicationPrivilegeManager

Returns application names for a given action.

Specified by:

getApplications in class ApplicationPrivilegeManager

Parameters:

action - Privilege action.

Returns:

application names for a given action.

canCreateApplication

public boolean canCreateApplication(String realm)

Returns true if subject can create application.

Specified by:

canCreateApplication in class ApplicationPrivilegeManager

Parameters:

realm - Realm where application is to be created.