/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* https://opensso.dev.java.net/public/CDDLv1.0.html or
* opensso/legal/CDDLv1.0.txt
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: XACMLAuthzDecisionQuery.java,v 1.3 2008/06/25 05:48:14 qcheng Exp $
*
*/
package com.sun.identity.xacml.saml2;
import com.sun.identity.saml2.protocol.RequestAbstract;
import com.sun.identity.xacml.common.XACMLException;
import com.sun.identity.xacml.context.Request;
/**
* The XACMLAuthzDecisionQuery
element is a SAML Query that
* extends SAML Protocol schema type RequestAbstractType
.
* It allows an XACML PEP to submit an XACML Request Context in a SAML
* Query along with other information. This element is an alternative to
* SAML defined
that allows an
* XACML PEP to communicate with an XACML PDP using SAML2 protocol.
*
* Schema: *
*<xs:element name="XACMLAuthzDecisionQuery" * type="XACMLAuthzDecisionQueryType"/> *<xs:complexType name="XACMLAuthzDecisionQueryType"> * <xs:complexContent> * <xs:extension base="samlp:RequestAbstractType"> * <xs:sequence> * <xs:element ref="xacml-context:Request"/> * <xs:sequence> * <xs:attribute name="InputContextOnly" * type="boolean" * use="optional" * default="false"/> * <xs:attribute name="ReturnContext" * type="boolean" * use="optional" * default="false"/> * <xs:extension> * <xs:complexContent> *<xs:complexType> ** * Schema for base: *
* <complexType name="RequestAbstractType" abstract="true"> * <sequence> * <element ref="saml:Issuer" minOccurs="0"/> * <element ref="ds:Signature" minOccurs="0"/> * <element ref="samlp:Extensions" minOccurs="0"/> * <sequence> * <attribute name="ID" type="ID" use="required"/> * <attribute name="Version" type="string" use="required"/> * <attribute name="IssueInstant" type="dateTime" use="required"/> * <attribute name="Destination" type="anyURI" use="optional"/> * <attribute name="Consent" type="anyURI" use="optional"/> * <complexType> ** *@supported.all.api */ public interface XACMLAuthzDecisionQuery extends RequestAbstract { /** * Returns the XML attribute boolean value which governs the * source of information that the PDP is allowed to use in * making an authorization decision. If this attribute is "true" * then it indiactes that the authorization decision has been made * solely on the basis of information contained in the
* XACMLAuthzDecisionQuery
; no external attributes have been
* used. If this value is "false" then the decision may have been made
* on the basis of external attributes not conatined in the
* XACMLAuthzDecisionQuery
.
* @return boolean
indicating the value
* of this attribute.
*/
public boolean getInputContextOnly();
/**
* Sets the XML attribute boolean value which governs the
* source of information that the PDP is allowed to use in
* making an authorization decision. If this attribute is "true"
* then it indicates to the PDP that the authorization decision has to be
* made solely on the basis of information contained in the
* XACMLAuthzDecisionQuery
; no external attributes may be
* used. If this value is "false" then the decision can be made
* on the basis of external attributes not conatined in the
* XACMlAuthzDecisionQuery
.
* @param inputContextOnly boolean
indicating the value
* of this attribute.
*
* @exception XACMLException if the object is immutable
* An object is considered immutable
if
* makeImmutable()
has been invoked on it. It can
* be determined by calling isMutable
on the object.
*/
public void setInputContextOnly(boolean inputContextOnly) throws
XACMLException;
/**
* Returns the XML attribute boolean value which provides means
* to PEP to request that an xacml-context>Request
* element be included in the XACMlAuthzdecisionStatement
* resulting from the request. It also governs the contents of that
* xacml-context:Request
element in the
* XACMLAuthzDecisionStatement
element in the
* XACMLResponse
. The xacml-context:Request
SHALL
* include all the attributes supplied by the PEP in the
* AuthzDecisionQuery
which were used in making
* the authz decision. Other addtional attributes which may have been used
* by the PDP may be included.
* If this attribute is "false" then the PDP SHALL NOT include the
* xacml-context:Request
element in the
* XACMLAuthzDecisionStatement.
*
* @return boolean
indicating the value
* of this attribute.
*/
public boolean getReturnContext();
/**
* Sets the boolean value for this XML attribute
* @see #getReturnContext()
*
* @param returnContext boolean
indicating the value
* of this attribute.
*
* @exception XACMLExceptioXACMLException if the object is immutable
* An object is considered immutable
if
* makeImmutable()
has been invoked on it. It can
* be determined by calling isMutable
on the object.
*/
public void setReturnContext(boolean returnContext) throws XACMLException;
/**
* Returns the xacml-context:Request
element of this object
*
* @return the xacml-context:Request
elements of this object
*/
public Request getRequest();
/**
* Sets the xacml-context:Request
element of this object
*
* @param request the xacml-context:Request
element of this
* object.
*
* @exception XACMLException if the object is immutable
* An object is considered immutable
if
* makeImmutable()
has been invoked on it. It can
* be determined by calling isMutable
on the object.
*/
public void setRequest(Request request) throws XACMLException;
/**
* Returns a String
representation of this object
* @param includeNSPrefix Determines whether or not the namespace qualifier
* is prepended to the Element when converted
* @param declareNS Determines whether or not the namespace is declared
* within the Element.
* @return a string representation of this object
* @exception XACMLException if conversion fails for any reason
*/
public String toXMLString(boolean includeNSPrefix, boolean declareNS)
throws XACMLException;
/**
* Returns a string representation of this object
*
* @return a string representation of this object
* @exception XACMLException if conversion fails for any reason
*/
public String toXMLString() throws XACMLException;
/**
* Makes the object immutable
*/
public void makeImmutable();
/**
* Checks if the object is mutable
*
* @return true
if the object is mutable,
* false
otherwise
*/
public boolean isMutable();
}