Package com.sun.identity.entitlement.xacml3

Class XACMLExportImport

  • public class XACMLExportImport
extends Object
    Utility for handling the Export and subsequent Import of Policies into the OpenAM Entitlements framework.
    Since:
    12.0.0

    • Field Detail

      • PREFIX

        public static final String PREFIX

    • Constructor Detail

      • XACMLExportImport

        @Inject
public XACMLExportImport​(XACMLExportImport.PrivilegeManagerFactory privilegeManagerFactory,
                         XACMLReaderWriter xacmlReaderWriter,
                         PrivilegeValidator privilegeValidator,
                         SearchFilterFactory searchFilterFactory,
                         @Named("Entitlement")
                         Debug debug,
                         ApplicationServiceFactory applicationServiceFactory,
                         ResourceTypeService resourceTypeService)
        Creates an instance of the XACMLExportImport with dependencies provided.
        Parameters:
        privilegeManagerFactory - Non null, required to create PrivilegeManager instances.
        xacmlReaderWriter - Non null, required for translating privileges to/from XACML XML.
        privilegeValidator - Non null, required for validation of imported privileges.
        searchFilterFactory - Non null, required for SearchFilter operations.
        debug - Non null.
        applicationServiceFactory - Application service factory responsible for creating the application service.
        resourceTypeService - Resource type service responsible for creating resource types.

    • Method Detail

      • importXacml

        public List<ImportStep> importXacml​(String realm,
                                    InputStream xacml,
                                    Subject admin,
                                    boolean dryRun)
                             throws EntitlementException
        Performs the Import based on the given Stream. The stream must contain XML in XACML.
        Parameters:
        realm - Non null Realm to populate with the Policies.
        xacml - Non null stream to read.
        admin - Non null admin Subject.
        dryRun - boolean flag, indicating import steps should be reported but not applied.
        Returns:
        The sequence steps that could or have been used to carry out the import.
        Throws:
        EntitlementException - If there was any unexpected error.

      • exportXACML

        public PolicySet exportXACML​(String realm,
                             Subject admin,
                             List<String> filters)
                      throws EntitlementException
        Performs an export of all Policies found in the Privilege Manager that match the provided filters.
        Parameters:
        realm - Non null realm.
        admin - Non null admin subject to authenticate as.
        filters - Non null, but maybe empty filters to select Privileges against.
        Returns:
        A non null but possibly empty collection of Policies.
        Throws:
        EntitlementException - If there was any problem with the generation of Policies.