SubjectAttributesManager.java revision c8ab19d28fde5eda3b2daab4b1124887681fedf9
/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: SubjectAttributesManager.java,v 1.3 2009/09/24 22:37:43 hengming Exp $
*
* Portions Copyrighted 2014 ForgeRock AS.
*/
/**
* Manages multiple instances of <class>SubjectAttributesCollector</class>,
* and to be called by <class>Evaluator</class> and <class>
* EntitlementSubject</class> implementations to obtain users' attributes and
* memberships.
*/
public class SubjectAttributesManager {
private SubjectAttributesCollector attrCollector;
private static final String DEFAULT_SUBJECT_ATTRIBUTES_COLLECTOR_NAME =
"OpenSSO";
private static final String DEFAULT_IMPL =
"com.sun.identity.entitlement.opensso.OpenSSOSubjectAttributesCollector";
private Subject adminSubject;
this.adminSubject = adminSubject;
try {
} catch (EntitlementException ex) {
"SubjectAttributesManager.<init>", ex);
}
}
}
}
}
try {
implClass).newInstance();
} catch (ClassNotFoundException ex) {
ex);
} catch (InstantiationException ex) {
ex);
} catch (IllegalAccessException ex) {
ex);
}
}
/**
* Returns an instance of <code>SubjectAttributesManager</code>.
*
* @param adminSubject subject who has rights to access PIP.
* @return an instance of <code>SubjectAttributesManager</code>.
*/
}
/**
* Returns the <code>SubjectAttributesManager</code> of a given subject.
*
* @param adminSubject subject who has rights to access PIP.
* @param subject Subject
* @return <code>SubjectAttributesManager</code> of a given subject.
*/
public static SubjectAttributesManager getInstance(
//TOFIX get realm from subject;
}
/**
* Returns the <code>SubjectAttributesManager</code> of a given realm.
*
* @param adminSubject subject who has rights to access PIP.
* @param realmName Name of realm.
* @return <code>SubjectAttributesManager</code> of a given realm.
*/
public static SubjectAttributesManager getInstance(
try {
} finally {
}
try {
} else {
}
} finally {
}
}
return sam;
}
/**
* Returns the subject search indexes for a given privilege.
*
* @param privilege Privilege object.
* @return the subject search indexes for a given privilege.
* @throws com.sun.identity.entitlement.EntitlementException if indexes
* cannot be obtained.
*/
throws EntitlementException {
for (String v : attrValues) {
}
}
} else {
}
return (searchIndexes);
}
/**
* Returns the required attribute name for a given privilege.
*
* @param privilege Privilege object.
* @return the required attribute name for a given privilege.
*/
return (e != null) ? e.getRequiredAttributeNames() :
}
/**
* Returns the subject search filter for a given subject.
*
* @param subject Subject object.
* @param applicationName Name of application.
* @return subject search filter for a given subject.
* @throws com.sun.identity.entitlement.EntitlementException if search
* filter cannot be obtained.
*/
throws EntitlementException {
try {
}
}
}
} catch (EntitlementException ex) {
if (DEBUG.warningEnabled()) {
}
}
}
return results;
}
/**
* Returns the attribute values of the given user represented by
* <class>Subject</class> object.
* @param subject identity of the user.
* @param attrNames requested attribute names.
* @return a map of attribute names and their values.
* @throws com.sun.identity.entitlement.EntitlementException if attribute
* values cannot be obtained.
*/
) throws EntitlementException {
}
/**
* Returns <code>true</code> if attribute value for the given user
* represented by <class>Subject</class> object is present.
*
* @param subject identity of the user
* @param attrName attribute name to check
* @param attrValue attribute value to check
* @return <code>true</code> if attribute value for the given user
* represented by <class>Subject</class> object is present.
* @throws com.sun.identity.entitlement.EntitlementException
*/
public boolean hasAttribute(
) throws EntitlementException {
}
/**
* Returns application attribute names.
*
* @param realm Realm name
* @param applicationName Application name.
* @return application attribute names.
* @throws EntitlementException if application attributes cannot be
* returned.
*/
) throws EntitlementException {
}
/**
* Returns available subject attribute names.
*
* @return a set of available subject attribute names or null if not found
* @throws EntitlementException if available subject attribute names
* cannot be returned.
*/
throws EntitlementException{
}
/**
* Returns true if group membership search index is enabled or false
* otherwise.
*
* @return true if group membership search index is enabled or false
* otherwise.
*/
public boolean isGroupMembershipSearchIndexEnabled() {
}
/**
* Returns the attribute values of the given user represented by
* <class>Subject</class> object.
* @param subject identity of the user.
* @param attrNames requested attribute names.
* @return a map of attribute names and their values.
* @throws com.sun.identity.entitlement.EntitlementException if attribute
* values cannot be obtained.
*/
) throws EntitlementException {
}
}