ReferralPrivilege.java revision 4d1d71cf6c0dd2b545d8adfbbae9b28a3afdecd4
/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: ReferralPrivilege.java,v 1.7 2010/01/08 23:59:31 veiming Exp $
*/
/*
* Portions Copyrighted 2010-2011 ForgeRock AS
*/
/**
* Referral privilege allows application to be referred to peer and sub realm.
*/
private String description;
private long creationDate;
private long lastModifiedDate;
private String lastModifiedBy;
private boolean active = true;
private ReferralPrivilege() {
}
/**
* Constructor
*
* @param name Name
* @param map Map of application name to resources.
* @param realms Realm names
* @throws EntitlementException if map or realms are empty.
*/
public ReferralPrivilege(
) throws EntitlementException {
throw new EntitlementException(250);
}
}
}
if (mapApplNameToResources != null) {
}
}
return clone;
}
try {
ReferralPrivilege r = new ReferralPrivilege();
}
}
"mapApplNameToResources");
"origMapApplNameToResources");
return r;
} catch (JSONException ex) {
}
return null;
}
/**
* Sets the application name to resource name.
*
* @param map map of application name to tesource names.
* @throws EntitlementException if map is empty.
*/
throws EntitlementException {
// map would be null, when a referral policy is created without rule
// see issue 5291
throw new EntitlementException(251);
}
}
}
}
}
/**
* Sets realms.
*
* @param realms Realms.
* @throws EntitlementException if realms is empty.
*/
throws EntitlementException {
// Issue 5219
}
}
/**
* Returns mapping of application name to resources.
*
* @return mapping of application name to resources.
*/
return deepCopyMap(mapApplNameToResources);
}
}
return result;
}
/**
* Returns non canonicalized mapping of application name to resources.
*
* @return mapping of application name to resources.
*/
return (origMapApplNameToResources != null) ?
}
/**
* Returns name.
*
* @return name.
*/
return name;
}
/**
* Sets description.
*
* @param description
*/
this.description = description;
}
/**
* Returns description.
*
* @return description.
*/
public String getDescription() {
return description;
}
/**
* Returns realms.
*
* @return realms
*/
return set;
}
/**
* Returns resource save indexes.
*
* @param adminSubject Admin Subject.
* @param realm Realm Name
* @return resource save indexes.
*/
) throws EntitlementException {
} else {
}
}
}
return result;
}
/**
* Returns creation date.
*
* @return creation date.
*/
public long getCreationDate() {
return creationDate;
}
/**
* Sets the creation date.
*
* @param creationDate creation date.
*/
public void setCreationDate(long creationDate) {
this.creationDate = creationDate;
}
/**
* Returns last modified date.
*
* @return last modified date.
*/
public long getLastModifiedDate() {
return lastModifiedDate;
}
/**
* Sets the last modified date.
*
* @param lastModifiedDate last modified date.
*/
public void setLastModifiedDate(long lastModifiedDate) {
this.lastModifiedDate = lastModifiedDate;
}
/**
* Returns the user ID who last modified the policy.
*
* @return user ID who last modified the policy.
*/
public String getLastModifiedBy() {
return lastModifiedBy;
}
/**
* Sets the user ID who last modified the policy.
*
* @param lastModifiedBy user ID who last modified the policy.
*/
this.lastModifiedBy = lastModifiedBy;
}
/**
* Returns the user ID who created the policy.
*
* @return user ID who created the policy.
*/
public String getCreatedBy() {
return createdBy;
}
/**
* Sets the user ID who created the policy.
*
* @param createdBy user ID who created the policy.
*/
}
return toJSON();
}
try {
if (origMapApplNameToResources != null) {
}
} catch (JSONException ex) {
}
return "";
}
/**
* Canonicalizes resource name before persistence.
*
* @param adminSubject Admin Subject.
* @param realm Realm Name
*/
throws EntitlementException {
appName);
}
}
}
private ResourceName getResourceComparator(
return appl.getResourceComparator();
}
boolean recursive,
) throws EntitlementException {
if (!active) {
return Collections.EMPTY_LIST;
}
if (ec.doesRealmExist()) {
app);
rlm,
app);
toLowerCase();
boolean applicable = false;
comp.canonicalize(r), true);
if (!recursive) {
} else {
}
if (applicable) {
break;
}
}
if (applicable) {
// create subject for sub realm by copying subject for
// this realm and clear the public credentials.
// this needs to be revisited later if public
// credentials contains realm-independent credentals
// Fix for OPENAM-790
// Ensure that the Entitlement environment contains the correct
// Policy Configuration for the realm being evaluated.
rlm,
if (savedConfig != null) {
}
if (entitlements != null) {
}
}
}
}
}
}
}
return results;
}
throws EntitlementException {
if (!principals.isEmpty()) {
for (Principal p : principals) {
} else {
}
}
}
}
}
}
} else {
}
return resources;
}
) throws EntitlementException {
}
return results;
}
/**
* Returns <code>true</code> if this privilege is active.
*
* @return <code>true</code> if this privilege is active.
*/
public boolean isActive() {
return active;
}
/**
*
* @param active <code>true</code> if this privilege is to be active.
*/
}
}