See: Description
| Interface | Description |
|---|---|
| EntitlementCondition |
Encapsulates a Strategy to decide if a
Privilege applies to a given request. |
| EntitlementConfiguration |
Entitlement Configuration
|
| EntitlementSubject | |
| IPrivilege |
Class that implements this interface has a evaluate method.
|
| IPrivilegeManager<T extends IPrivilege> |
Defines Create Read Update Delete operations for implementation of IPrivilege.
|
| ResourceAttribute |
Encapsulates a Strategy to derive attributes to be returned with a particular
Entitlement when evaluating Privileges. |
| SubjectAttributesCollector |
Interface class for obtaining attributes for users.
|
| SubjectImplementation |
Maker to indicate that the class is a actual entitlement subject
and not a logical operator.
|
| Class | Description |
|---|---|
| AndCondition |
EntitlementCondition wrapper on a set of
EntitlementCondition(s) to provide
boolean OR logic Membership is of AndCondition is satisfied
if the user is a member of any of the wrapped
EntitlementCondition. |
| AndSubject |
EntitlementSubject wrapper on a set of EntitlementSubject(s) to provide
boolean And logic Membership is of AndSubject is satisfied if the user is
a member of any of the wrapped
EntitlementSubject |
| AnonymousESubject | |
| AnyUserSubject | Deprecated |
| Application |
Application class contains the information on how an application behaves
e.g. how to combine decision and how to compare resources;
and the supported actions.
|
| ApplicationPrivilege |
Class representing delegation application privilege
|
| ApplicationPrivilegeManager |
This class manages the delegation of application privileges.
|
| ApplicationType |
Application Type defines the default supported action names; search and save
index generators; and resource comparator.
|
| ApplicationTypeManager |
Application Type manager.
|
| AttributeLookupCondition |
This condition evaluates if a given attribute from subject matches with
the one in resource.
|
| AttributeSubject | |
| ConditionDecision |
Class to represent
EntitlementCondition evaluation match result and - if applicable - its advice. |
| ConditionDecision.Builder |
Builder to help construct decisions.
|
| DenyOverride |
Deny Override combine entitlement with
false override
true. |
| Entitlement |
This class encapsulates entitlement of a subject.
|
| EntitlementCombiner |
Encapsulates a Strategy for combining the results of two
Entitlements. |
| EntitlementConditionAdaptor | |
| EntitlementListener |
Listener for receiving entitlements related changes.
|
| EntitlementSubjectImpl | Deprecated
As of ForgeRock OpenAM 12.
|
| EntitlementThreadPool |
Thread Pool
|
| Evaluator |
The class evaluates entitlement request and provides decisions.
|
| ExactMatchResourceName |
This plugin extends the functionality provided in
PrefixResourceName to provide special handling to
URL type prefix resource names in canonicalize method
like validating port, assigning default port of 80, if port absent etc. |
| GroupSubject | Deprecated
As of ForgeRock OpenAM 12.
|
| JSONEntitlement | |
| JSONNotification | |
| JwtClaimSubject |
A policy subject condition that examines claims in a Json Web Token (JWT) subject, such as an OpenID Connect
ID token.
|
| JwtPrincipal |
A security principal based on a Json Web Token (JWT).
|
| ListenerManager |
Listener manager manages registering and de-registering of listener.
|
| LogicalCondition | |
| LogicalSubject |
Base class for
OrSubejct and AndSubejct. |
| NoSubject | |
| NotCondition |
This class wrapped on an Entitlement Condition object to provide boolean
NOT.
|
| NotSubject |
This class wrapped on an Entitlement Subject object to provide boolean
NOT.
|
| NumericAttributeCondition |
Condition for evaluating attribute value of numeric type.
|
| OrCondition |
EntitlementCondition wrapper on a set of
EntitlementConditions to provide boolean OR logic. |
| OrSubject |
EntitlementSubject wrapper on a set of EntitlementSubject(s) to provide
boolean OR logic Membership is of OrSubject is satisfied if the user is
a member of any of the wrapped EntitlementSubject
|
| PolicyDataStore |
This class implements method to persist policy in datastore.
|
| PrefixResourceName |
This is a plugin impelmentation of the
ResourceName interface
it provides methods to do resource comparisons and resource
handling based on prefix based string match going left to right. |
| Privilege |
Class representing entitlement privilege
|
| PrivilegeChangeNotifier | |
| PrivilegeIndexStore |
Privilege Index Store is responsible to storing privilege in
a persistent data store.
|
| PrivilegeManager |
Class to manage entitlement privileges: to add, remove, modify privilege
|
| PrivilegeType |
Privilege types that are supported by the product.
|
| ReferralPrivilege | Deprecated
referrals is no longer supported by the
policy model and is in the process of being removed.
|
| RegExResourceName |
A
ResourceName implementation that matches the resourcenames using regular expressions. |
| ResourceMatch |
The class
ResourceMatch defines the results
of a resource match with respect to Policy. |
| ResourceSaveIndexes |
This class encapculates the resource indexes which are stored in data store.
|
| ResourceSearchIndexes |
This class encapsulates the result of resource splitting.
|
| SequentialThreadPool |
Thread Pool
|
| StaticAttributes |
Interface specification for entitlement
ResourceAttribute |
| StringAttributeCondition |
Condition for evaluating attribute value of string type.
|
| SubjectAttributesManager |
Manages multiple instances of
|
| SubjectDecision |
Class to represent
EntitlementSubject evaluation match result and - if applicable - its advices. |
| SubjectResult |
Class to represent the result of
ESubject evaluation |
| ThreadPool |
This thread pool maintains a number of threads that run the tasks from a task
queue one by one.
|
| URLResourceName |
This plugin extends the functionality provided in
PrefixResourceName to provide special handling to
URL type prefix resource names in canonicalize method
like validating port, assigning default port of 80, if port absent etc. |
| UserAttributes |
Interface specification for entitlement
ResourceAttribute |
| UserSubject | Deprecated
As of ForgeRock OpenAM 12.
|
| ValidateResourceResult |
This class has an error code which indicates why the resource name is
valid or invalid; and also a message.
|
| WSDLParser |
| Enum | Description |
|---|---|
| ApplicationPrivilege.Action | |
| ApplicationPrivilege.PossibleAction | |
| JSONNotification.Type | |
| NumericAttributeCondition.Operator | |
| PolicyEventType |
Defines the types of policy events.
|
| Exception | Description |
|---|---|
| EntitlementException |
Entitlement related exception.
|
| ThreadPoolException |
A
ThreadPoolException is thrown if the thread pool's task
queue limit is reached. |
Copyright © 2010–2025 Open Identity Platform Community. All rights reserved.