com.sun.identity.entitlement.xacml3

Class XACMLPrivilegeUtils

java.lang.Object

com.sun.identity.entitlement.xacml3.XACMLPrivilegeUtils

public class XACMLPrivilegeUtils
extends Object

Class with utility methods to map from com.sun.identity.entity.Privilege to com.sun.identity.entitlement.xacml3.core.Policy

Method Summary

Modifier and Type	Method and Description
static List<AnyOf>	actionNamesToAnyOfList(Set<String> actionNames, String applicationName)
static Match	actionNameToMatch(String actionName, String applicationName)
static PolicySet	addPolicyToPolicySet(Policy policy, PolicySet policySet)
static AnyOf	applicationNameToAnyOf(String applicationName)
static Match	applicationNameToMatch(String applicationName)
static boolean	containsUndesiredCharacters(String s) OPENAM-5031: We would have used DN.escapeAttributeValue to encode the incoming string and compare with the original string - if there are differences then the incoming string contains characters which LDAP requires quoted.
static AnyOf	entitlementSubjectToAnyOf(EntitlementSubject es)
static List<AnyOf>	entitlementSubjectToAnyOfList(EntitlementSubject es)
static Condition	eSubjectConditionToXCondition(EntitlementSubject es, EntitlementCondition ec)
static Map<String,Boolean>	getActionValuesFromPolicy(Policy policy) Gets the action values from the policy.
static String	getApplicationNameFromPolicy(Policy policy) Gets the name of the application to which this policy belongs.
static EntitlementCondition	getEntitlementConditionFromPolicy(Policy policy) Constructs EntitlementCondition from the policy.
static EntitlementSubject	getEntitlementSubjectFromPolicy(Policy policy) Constructs EntitlementSubject from policy.
static Set<Policy>	getPoliciesFromPolicySet(PolicySet policySet)
static Set<String>	getResourceNamesFromPolicy(Policy policy) Gets the resource names from the policy.
static String	getRuleCombiningAlgId(String applicationName)
static String	getVariableById(Policy policy, String id)
static boolean	isReferralPolicy(Policy policy)
static PolicySet	newPolicySet(String realm)
static String	policyIdToPrivilegeName(String policyId)
static Set<Privilege>	policySetToPrivileges(PolicySet policySet)
static Privilege	policyToPrivilege(Policy policy)
static ReferralPrivilege	policyToReferral(Policy policy)
static String	privilegeNameToPolicyId(String privilegeName, String applicationName)
static PolicySet	privilegesToPolicySet(String realm, Collection<Privilege> privileges)
static Policy	privilegeToPolicy(Privilege privilege)
static AnyOf	realmsAppsResourcesToAnyOf(Set<String> realms, Map<String,Set<String>> appsResources)
static Policy	referralToPolicy(ReferralPrivilege privilege)
static Policy	referralToPolicyInternal(ReferralPrivilege privilege)
static List<AnyOf>	resourceNamesToAnyOfList(Set<String> resourceNames, String applicationName)
static Match	resourceNameToMatch(String resourceName, String applicationName)
static Match	resourceNameToNotMatch(String resourceName, String applicationName)
static PolicySet	streamToPolicySet(InputStream stream)
static String	toXACML(Privilege privilege)
static String	toXML(Policy policy)
static String	toXML(PolicySet policySet)
static void	validate(Privilege privilege, PrivilegeValidator privilegeValidator) Validates the privilege instance.
static void	writeXMLToStream(PolicySet policySet, OutputStream outputStream)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

toXACML

public static String toXACML(Privilege privilege)

toXML

public static String toXML(Policy policy)

toXML

public static String toXML(PolicySet policySet)
                    throws EntitlementException

Throws:

EntitlementException

writeXMLToStream

public static void writeXMLToStream(PolicySet policySet,
                                    OutputStream outputStream)
                             throws EntitlementException

Throws:

EntitlementException

privilegeToPolicy

public static Policy privilegeToPolicy(Privilege privilege)

privilegeNameToPolicyId

public static String privilegeNameToPolicyId(String privilegeName,
                                             String applicationName)

entitlementSubjectToAnyOfList

public static List<AnyOf> entitlementSubjectToAnyOfList(EntitlementSubject es)

entitlementSubjectToAnyOf

public static AnyOf entitlementSubjectToAnyOf(EntitlementSubject es)
                                       throws JAXBException

Throws:

JAXBException

resourceNamesToAnyOfList

public static List<AnyOf> resourceNamesToAnyOfList(Set<String> resourceNames,
                                                   String applicationName)

applicationNameToAnyOf

public static AnyOf applicationNameToAnyOf(String applicationName)

actionNamesToAnyOfList

public static List<AnyOf> actionNamesToAnyOfList(Set<String> actionNames,
                                                 String applicationName)

resourceNameToMatch

public static Match resourceNameToMatch(String resourceName,
                                        String applicationName)

resourceNameToNotMatch

public static Match resourceNameToNotMatch(String resourceName,
                                           String applicationName)

actionNameToMatch

public static Match actionNameToMatch(String actionName,
                                      String applicationName)

applicationNameToMatch

public static Match applicationNameToMatch(String applicationName)

eSubjectConditionToXCondition

public static Condition eSubjectConditionToXCondition(EntitlementSubject es,
                                                      EntitlementCondition ec)
                                               throws JAXBException

Throws:

JAXBException

getRuleCombiningAlgId

public static String getRuleCombiningAlgId(String applicationName)

policySetToPrivileges

public static Set<Privilege> policySetToPrivileges(PolicySet policySet)
                                            throws EntitlementException

Throws:

EntitlementException

policyToPrivilege

public static Privilege policyToPrivilege(Policy policy)
                                   throws EntitlementException

Throws:

EntitlementException

getApplicationNameFromPolicy

public static String getApplicationNameFromPolicy(Policy policy)

Gets the name of the application to which this policy belongs.

Parameters:

policy - read from XACML import stream.

Returns:

application name.

getResourceNamesFromPolicy

public static Set<String> getResourceNamesFromPolicy(Policy policy)

Gets the resource names from the policy.

Parameters:

policy - read from XACML import stream.

Returns:

resource names.

policyIdToPrivilegeName

public static String policyIdToPrivilegeName(String policyId)

getVariableById

public static String getVariableById(Policy policy,
                                     String id)

privilegesToPolicySet

public static PolicySet privilegesToPolicySet(String realm,
                                              Collection<Privilege> privileges)

newPolicySet

public static PolicySet newPolicySet(String realm)
                              throws JAXBException

Throws:

JAXBException

addPolicyToPolicySet

public static PolicySet addPolicyToPolicySet(Policy policy,
                                             PolicySet policySet)
                                      throws JAXBException

Throws:

JAXBException

getActionValuesFromPolicy

public static Map<String,Boolean> getActionValuesFromPolicy(Policy policy)

Gets the action values from the policy.

Parameters:

policy - instance read from the XACML input stream.

Returns:

action values.

getEntitlementSubjectFromPolicy

public static EntitlementSubject getEntitlementSubjectFromPolicy(Policy policy)

Constructs EntitlementSubject from policy.

Parameters:

policy - from which the EntitlementSubject is created.

Returns:

EntitlementSubject created from the policy instance.

getEntitlementConditionFromPolicy

public static EntitlementCondition getEntitlementConditionFromPolicy(Policy policy)
                                                              throws EntitlementException

Constructs EntitlementCondition from the policy.

Parameters:

policy - from which EntitlementCondition is constructed.

Returns:

EntitlementCondition instance created from the policy instance.

Throws:

EntitlementException - when any error occurs during construction.

streamToPolicySet

public static PolicySet streamToPolicySet(InputStream stream)
                                   throws JAXBException

Throws:

JAXBException

getPoliciesFromPolicySet

public static Set<Policy> getPoliciesFromPolicySet(PolicySet policySet)

referralToPolicy

public static Policy referralToPolicy(ReferralPrivilege privilege)
                               throws org.json.JSONException

Throws:

org.json.JSONException

referralToPolicyInternal

public static Policy referralToPolicyInternal(ReferralPrivilege privilege)
                                       throws JAXBException,
                                              org.json.JSONException

Throws:

JAXBException

org.json.JSONException

isReferralPolicy

public static boolean isReferralPolicy(Policy policy)

policyToReferral

public static ReferralPrivilege policyToReferral(Policy policy)
                                          throws EntitlementException,
                                                 org.json.JSONException

Throws:

EntitlementException

org.json.JSONException

realmsAppsResourcesToAnyOf

public static AnyOf realmsAppsResourcesToAnyOf(Set<String> realms,
                                               Map<String,Set<String>> appsResources)
                                        throws org.json.JSONException

Throws:

org.json.JSONException

validate

public static void validate(Privilege privilege,
                            PrivilegeValidator privilegeValidator)
                     throws EntitlementException

Validates the privilege instance.

Parameters:

privilege - instance to be validated.

privilegeValidator - the validator for privilege.

Throws:

EntitlementException - if the privilege is invalid.

containsUndesiredCharacters

public static boolean containsUndesiredCharacters(String s)

OPENAM-5031: We would have used DN.escapeAttributeValue to encode the incoming string and compare with the original string - if there are differences then the incoming string contains characters which LDAP requires quoted. However ssoadm doesn't include the jar that the DN class ends up in. In order to avoid the overhead of adding a whole jar just for one function in one class, this is provided here. Thus, this function returns true if the incoming string contains any character which LDAP requires to be quoted.

Parameters:

s - The specified string.

Returns:

true if the string contains characters which require quotation for LDAP to work, false otherwise