Package com.sun.identity.entitlement.xacml3

Class XACMLPrivilegeUtils

  • public class XACMLPrivilegeUtils
extends Object
    Class with utility methods to map from com.sun.identity.entity.Privilege to com.sun.identity.entitlement.xacml3.core.Policy

    • Method Detail

      • privilegeToPolicy

        public static Policy privilegeToPolicy​(Privilege privilege)

      • privilegeNameToPolicyId

        public static String privilegeNameToPolicyId​(String privilegeName,
                                             String applicationName)

      • resourceNamesToAnyOfList

        public static List<AnyOf> resourceNamesToAnyOfList​(Set<String> resourceNames,
                                                   String applicationName)

      • applicationNameToAnyOf

        public static AnyOf applicationNameToAnyOf​(String applicationName)

      • actionNamesToAnyOfList

        public static List<AnyOf> actionNamesToAnyOfList​(Set<String> actionNames,
                                                 String applicationName)

      • resourceNameToMatch

        public static Match resourceNameToMatch​(String resourceName,
                                        String applicationName)

      • resourceNameToNotMatch

        public static Match resourceNameToNotMatch​(String resourceName,
                                           String applicationName)

      • actionNameToMatch

        public static Match actionNameToMatch​(String actionName,
                                      String applicationName)

      • applicationNameToMatch

        public static Match applicationNameToMatch​(String applicationName)

      • getRuleCombiningAlgId

        public static String getRuleCombiningAlgId​(String applicationName)

      • getApplicationNameFromPolicy

        public static String getApplicationNameFromPolicy​(Policy policy)
        Gets the name of the application to which this policy belongs.
        Parameters:
        policy - read from XACML import stream.
        Returns:
        application name.

      • getResourceNamesFromPolicy

        public static Set<String> getResourceNamesFromPolicy​(Policy policy)
        Gets the resource names from the policy.
        Parameters:
        policy - read from XACML import stream.
        Returns:
        resource names.

      • policyIdToPrivilegeName

        public static String policyIdToPrivilegeName​(String policyId)

      • getActionValuesFromPolicy

        public static Map<String,​Boolean> getActionValuesFromPolicy​(Policy policy)
        Gets the action values from the policy.
        Parameters:
        policy - instance read from the XACML input stream.
        Returns:
        action values.

      • getEntitlementSubjectFromPolicy

        public static EntitlementSubject getEntitlementSubjectFromPolicy​(Policy policy)
        Constructs EntitlementSubject from policy.
        Parameters:
        policy - from which the EntitlementSubject is created.
        Returns:
        EntitlementSubject created from the policy instance.

      • getEntitlementConditionFromPolicy

        public static EntitlementCondition getEntitlementConditionFromPolicy​(Policy policy)
                                                              throws EntitlementException
        Constructs EntitlementCondition from the policy.
        Parameters:
        policy - from which EntitlementCondition is constructed.
        Returns:
        EntitlementCondition instance created from the policy instance.
        Throws:
        EntitlementException - when any error occurs during construction.

      • getPoliciesFromPolicySet

        public static Set<Policy> getPoliciesFromPolicySet​(PolicySet policySet)

      • referralToPolicy

        public static Policy referralToPolicy​(ReferralPrivilege privilege)
                               throws org.json.JSONException
        Throws:
        org.json.JSONException

      • isReferralPolicy

        public static boolean isReferralPolicy​(Policy policy)

      • realmsAppsResourcesToAnyOf

        public static AnyOf realmsAppsResourcesToAnyOf​(Set<String> realms,
                                               Map<String,​Set<String>> appsResources)
                                        throws org.json.JSONException
        Throws:
        org.json.JSONException

      • containsUndesiredCharacters

        public static boolean containsUndesiredCharacters​(String s)
        OPENAM-5031: We would have used DN.escapeAttributeValue to encode the incoming string and compare with the original string - if there are differences then the incoming string contains characters which LDAP requires quoted. However ssoadm doesn't include the jar that the DN class ends up in. In order to avoid the overhead of adding a whole jar just for one function in one class, this is provided here. Thus, this function returns true if the incoming string contains any character which LDAP requires to be quoted.
        Parameters:
        s - The specified string.
        Returns:
        true if the string contains characters which require quotation for LDAP to work, false otherwise