Package com.sun.identity.policy.plugins

Class IDRepoResponseProvider

  • All Implemented Interfaces:
    ResponseProvider, Cloneable
    public class IDRepoResponseProvider
extends Object
implements ResponseProvider
    This class is an out of the box implementation of ResponseProvider interface. It defines 2 types of user attributes which it can fetch the values of: STATIC and DYNAMIC. It relies on underlying Identity repository service to fetch the attribute values for the Subject(s) defined in the policy. It computes a Map of response attributes based on the sso token, resource name and env map passed in the method call getResponseDecision(). Policy framework would make a call to the ResponseProvider to fetch response attributes in a policy only if the policy is applicable to a request as determined by sso token, resource name, Subjects and Conditions.

    • Constructor Detail

      • IDRepoResponseProvider

        public IDRepoResponseProvider()
        No argument constructor.

    • Method Detail

      • initialize

        public void initialize​(Map configParams)
                throws PolicyException
        Initialize the IDRepoResponseProvider object by using the configuration information passed by the Policy Framework.
        Specified by:
        initialize in interface ResponseProvider
        Parameters:
        configParams - the configuration information
        Throws:
        PolicyException - if an error occured during initialization of the instance

      • getPropertyNames

        public List getPropertyNames()
        Returns a list of property names for the responseprovider.
        Specified by:
        getPropertyNames in interface ResponseProvider
        Returns:
        List of property names

      • getPropertySyntax

        public Syntax getPropertySyntax​(String property)
        Returns the syntax for a property name
        Specified by:
        getPropertySyntax in interface ResponseProvider
        Parameters:
        property - property name
        Returns:
        Syntax for the property name
        See Also:
        Syntax

      • getDisplayName

        public String getDisplayName​(String property,
                             Locale locale)
                      throws PolicyException
        Gets the display name for the property name. The locale variable could be used by the plugin to customize the display name for the given locale. The locale variable could be null, in which case the plugin must use the default locale.
        Specified by:
        getDisplayName in interface ResponseProvider
        Parameters:
        property - property name
        locale - locale for which the property name must be customized
        Returns:
        display name for the property name.
        Throws:
        PolicyException

      • getValidValues

        public Set getValidValues​(String property)
                   throws PolicyException
        Returns a set of valid values given the property name. This method is called if the property Syntax is either the SINGLE_CHOICE or MULTIPLE_CHOICE.
        Specified by:
        getValidValues in interface ResponseProvider
        Parameters:
        property - property name from the PolicyConfig Service configured for the specified realm.
        Returns:
        Set of valid values for the property.
        Throws:
        PolicyException - if unable to get the Syntax.

      • setProperties

        public void setProperties​(Map properties)
                   throws PolicyException
        Sets the properties of the responseProvider plugin. This influences the response attribute-value Map that would be computed by a call to method getResponseDecision(Map) These attribute-value pairs are encapsulated in ResponseAttribute element tag which is a child of the PolicyDecision element in the PolicyResponse xml if the policy is applicable to the user for the resource, subject and conditions defined.
        Specified by:
        setProperties in interface ResponseProvider
        Parameters:
        properties - the properties of the responseProvider Keys of the properties have to be String. Value corresponding to each key have to be a Set of String elements. Each implementation of ResponseProvider could add further restrictions on the keys and values of this map.
        Throws:
        PolicyException - for any abnormal condition

      • getResponseDecision

        public Map getResponseDecision​(SSOToken token,
                               Map env)
                        throws PolicyException,
                               SSOException
        Gets the response attributes computed by this ResponseProvider object, based on the sso token and map of environment parameters
        Specified by:
        getResponseDecision in interface ResponseProvider
        Parameters:
        token - single-sign-on token of the user
        env - specific environment map of key/value pairs
        Returns:
        a Map of response attributes. Keys of the Map are attribute names STATIC_ATTRIBUTE or DYNAMIC_ATTRIBUTE. Value is a Set of Strings representing response attribute values.
        Throws:
        PolicyException - if the decision could not be computed
        SSOException - if SSO token is not valid