am_policy.h revision 4fe4e4f798a84a46e567f64ceadd3648eb0582d4
/* -*- Mode: C -*- */
/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2008 Sun Microsystems, Inc. All Rights Reserved.
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: am_policy.h,v 1.4 2008/08/19 19:11:37 veiming Exp $
*/
/*
* Abstract:
*
* Types and functions for using OpenSSO Access
* Management SDK policy objects.
*
*/
#ifndef AM_POLICY_H
#define AM_POLICY_H
#include <stdlib.h>
#include <am.h>
#include <am_properties.h>
#include <am_map.h>
typedef struct am_policy_result {
const char *remote_user;
const char *remote_user_passwd;
const char *remote_IP;
const char *advice_string;
#define AM_POLICY_RESULT_INITIALIZER \
{ \
NULL, \
NULL, \
NULL, \
AM_MAP_NULL, \
AM_MAP_NULL, \
AM_MAP_NULL, \
AM_MAP_NULL, \
NULL \
} \
/**
* For explaination on each of these values see the comments in the
* function am_policy_compare_urls.
*/
typedef enum am_resource_match {
typedef struct am_resource_traits {
const char *policy_res_name,
const char *resource_name,
char *root_resource_name,
char separator;
void (*str_free)(void *resource_str);
/*
* Opaque handle for a policy evaluation object.
*/
typedef unsigned int am_policy_t;
/**
* Destroy am_policy_result internal structures.
*/
/*
* Method to initialize the policy evaluation engine.
*/
/*
* Method to initialize one specific instance of service for
* policy evaluation.
*/
am_policy_service_init(const char *service_name,
const char *instance_name,
/*
* Method to close an initialized policy evaluator
*/
/*
* Method to evaluate a non-boolean policy question for a resource.
*/
const char *sso_token,
const char *resource_name,
const char *action_name,
const am_map_t env_parameter_map,
char **am_revision_number);
/*
* Method to evaluate a non-boolean policy question for a resource.
*/
const char *sso_token,
const char *resource_name,
const char *action_name,
const am_map_t env_parameter_map,
/*
* Method to check if notification is enabled in the SDK.
*
* Returns:
* If notification is enabled returns non-zero, otherwise zero.
*/
/*
* Method to refresh policy cache when a policy notification is received
* by the client.
*/
const char *notification_data,
/**
* Method will take two url resources compare and return an appropriate
* result. The use_patterns is AM_TRUE, this method will consider occurances
* of '*' in the policy resource name as wildcards. If usePatterns is
* AM_FALSE, '*' occurances are taken as a literal characters.
* Returns:
* EXACT_MATCH - If both the resource names exactly matched.
* SUB_RESOURCE_MATCH - If the resourceName is a sub-resource to the resource
* name defined in the policy.
* SUPER_RESOURCE_MATCH - If the resourcName is a ancestor of the policy
* resource name.
* NO_MATCH - If the there is no kind of match between the policy resource
* and the requested resource name.
* EXACT_PATTERN_MATCH - This result will be returned only if the policy is
* matches resource name. Distinction is not made
* whether it was a EXACT_MATCH or a pattern match.
* Note: In cases of SUB/SUPER_RESOURCE_MATCH, if the usePatterns is
*/
const char *policy_resource_name,
const char *resource_name,
/**
* Given a url resource name, this method will populate the pointer
* resourceRoot with the resource root.
* Returns:
* Successful root extraction will return AM_TRUE and AM_FALSE otherwise.
*/
am_policy_get_url_resource_root(const char *resource_name,
am_policy_resource_has_patterns(const char *resource_name);
AM_EXPORT void
am_policy_resource_canonicalize(const char *, char **);
const char *ssoTokenId);
#endif /* not AM_POLICY_H */