Class IPv4Condition
- java.lang.Object
-
- com.sun.identity.entitlement.EntitlementConditionAdaptor
-
- org.forgerock.openam.entitlement.conditions.environment.IPv4Condition
-
- All Implemented Interfaces:
EntitlementCondition
public class IPv4Condition extends EntitlementConditionAdaptor
AnEntitlementConditionthat can be used to enable/disable an authorization policy based on the IP address and DNS name of the originating client requesting access to a resource.
-
-
Field Summary
Fields Modifier and Type Field Description protected Debugdebug
-
Constructor Summary
Constructors Constructor Description IPv4Condition()Constructs a new IPv4Condition instance.IPv4Condition(String startIp, String endIp, List<String> ipRange, List<String> dnsName)JSON deserialization constructor used to ensure fields are set in an order that allows inter-field validation to pass.
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description booleanequals(Object obj)Returnstrueif the passed in object is equal to this objectConditionDecisionevaluate(String realm, Subject subject, String resourceName, Map<String,Set<String>> env)Returns condition decision.List<String>getDnsName()StringgetEndIp()List<String>getIpRange()Deprecated.StringgetRequestIp(Map env)Helper method to extractREQUEST_IP.StringgetSessionIp(Subject subject)Helper method to retrieve IP from subject'sSSOToken.StringgetStartIp()StringgetState()Returns state of the object encoded as a JSON string.inthashCode()Returns hash code of the object.voidsetDnsName(List<String> dnsName)voidsetIpRange(List<String> ipRanges)Deprecated.voidsetStartIpAndEndIp(String startIp, String endIp)voidsetState(String state)Sets state of this object from a JSON string.protected LongstringToIp(String ip)Factory method for constructing an IP value from its String representation.StringtoString()voidvalidate()Checks that this condition is configured correctly.-
Methods inherited from class com.sun.identity.entitlement.EntitlementConditionAdaptor
getDisplayType, init, setDisplayType, setState, toJSONObject
-
-
-
-
Field Detail
-
debug
protected final Debug debug
-
-
Constructor Detail
-
IPv4Condition
public IPv4Condition()
Constructs a new IPv4Condition instance.
-
IPv4Condition
public IPv4Condition(String startIp, String endIp, List<String> ipRange, List<String> dnsName) throws EntitlementException
JSON deserialization constructor used to ensure fields are set in an order that allows inter-field validation to pass.- Throws:
EntitlementException- If any of the provided properties fail validation
-
-
Method Detail
-
stringToIp
protected Long stringToIp(String ip) throws EntitlementException
Factory method for constructing an IP value from its String representation.- Parameters:
ip- A String representation of an IP value.- Returns:
- An IP value.
- Throws:
EntitlementException- If argument is not a string representing an IP value understood by this object.
-
setState
public void setState(String state)
Sets state of this object from a JSON string.- Parameters:
state- State of the object encoded as a JSON string
-
getStartIp
public String getStartIp()
-
getEndIp
public String getEndIp()
-
setStartIpAndEndIp
public void setStartIpAndEndIp(String startIp, String endIp) throws EntitlementException
- Throws:
EntitlementException
-
setDnsName
public void setDnsName(List<String> dnsName) throws EntitlementException
- Throws:
EntitlementException
-
getIpRange
@Deprecated public List<String> getIpRange()
Deprecated.
-
setIpRange
@Deprecated public void setIpRange(List<String> ipRanges) throws EntitlementException
Deprecated.- Throws:
EntitlementException
-
getState
public String getState()
Returns state of the object encoded as a JSON string.- Returns:
- state of the object encoded as a JSON string.
-
validate
public void validate() throws EntitlementExceptionDescription copied from interface:EntitlementConditionChecks that this condition is configured correctly. ThrowsEntitlementExceptionif not with an informative message to display to the user creating/updating the policy.- Throws:
EntitlementException- if the configuration state is not valid.
-
evaluate
public ConditionDecision evaluate(String realm, Subject subject, String resourceName, Map<String,Set<String>> env) throws EntitlementException
Returns condition decision.- Parameters:
realm- Realm Name.subject- Subject who is under evaluation.resourceName- Resource name.env- Environment parameters.- Returns:
- resulting condition decision.
- Throws:
EntitlementException- if cannot get condition decision.
-
getRequestIp
public String getRequestIp(Map env)
Helper method to extractREQUEST_IP.- Parameters:
env- The map containing environment description. Note that the type of the value corresponding toREQUEST_IPparameter differs depending upon invocation path. It will be aStringwhen invoked by the agents, but it will be aSet<String>when invoked via the DecisionResource (GET ws/1/entitlement/entitlements).- Returns:
- The IP that was used, can return null if no IP found.
-
getSessionIp
public String getSessionIp(Subject subject) throws EntitlementException
Helper method to retrieve IP from subject'sSSOToken.- Parameters:
subject- Subject who is under evaluation.- Returns:
- IP address from subject's
SSOTokenor null if no SSOToken is found. - Throws:
EntitlementException- If any exception occurs when accessing the subject'sSSOToken.
-
equals
public boolean equals(Object obj)
Description copied from class:EntitlementConditionAdaptorReturnstrueif the passed in object is equal to this object- Overrides:
equalsin classEntitlementConditionAdaptor- Parameters:
obj- object to check for equality- Returns:
trueif the passed in object is equal to this object
-
hashCode
public int hashCode()
Description copied from class:EntitlementConditionAdaptorReturns hash code of the object.- Overrides:
hashCodein classEntitlementConditionAdaptor- Returns:
- hash code of the object.
-
-