/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: AuthorizationDecisionStatementBase.java,v 1.2 2008/06/25 05:47:32 qcheng Exp $
*
*/
/**
* The <code>AuthorizationDecisionStatement</code> element supplies a statement
* by the issuer that the request for access by the specified subject to the
* specified resource has resulted in the specified decision on the basis of
* some optionally specified evidence.
*
* This class is an abstract base class for all AuthorizationDecisionStatement
* implementations and encapsulates common functionality.
* @supported.all.api
*/
public abstract class AuthorizationDecisionStatementBase
extends SubjectStatement {
/**
*The <code>DecisionType</code> is an inner class defining constants for the
*type of Decisions than can be conveyed by an
*<code>AuthorizationDecisionStatement </code>.
*<br>1 implies <code>PERMIT</code>
*<br>2 implies <code>DENY</code>
*<br>3 implies <code>INDETERMINATE </code>
*<br>4 implies <code>NOT_SUPPORTED</code>
*/
public static class DecisionType {
/**
* The specified action is permitted.
*/
/**
* The specified action is denied.
*/
/**
* The issuer cannot determine whether the specified action is
* permitted or denied.
*/
/**
* The specified action is not supported.
*/
}
/**
*Default constructor
*/
protected AuthorizationDecisionStatementBase() {
}
/**
* Constructs an <code>AuthorizationStatement</code> element from an
* existing XML block.
*
* @param element representing a DOM tree element
* @exception SAMLException if there is an error in the sender or in
* the element definition.
*/
throws SAMLException {
// make sure input is not null
"AuthorizationDecisionStatement: null input.");
}
throw new SAMLRequesterException(
}
// check if it's an AuthorizationDecisionStatement
"AuthorizationDecisionStatement");
if (!valid) {
"AuthorizationDecisionStatement: Wrong input.");
}
throw new SAMLRequesterException(
}
int i = 0;
//handle the attributes of AuthorizationDecisionStatement
for (i = 0; i < attCount; i++) {
"Statement: Attribute name is either null or empty.");
}
throw new SAMLRequesterException(
}
"AuthorizationDecision" +
"Statement: Resource is null or empty.");
}
throw new SAMLRequesterException(
"missingAttributeValue"));
}
"AuthorizationDecision" +
"Statement: Decision is null or empty.");
}
throw new SAMLRequesterException(
"missingAttributeValue"));
}
else {
"AuthorizationDecision" +
"Statement: The type of decision is illegal!");
}
throw new SAMLRequesterException(
}
}
}
} // end of for loop
// Resource is required
"AuthorizationDecisionStatement: "+
"Resource is required attribute.");
}
throw new SAMLRequesterException(
}
// Decision is required
"AuthorizationDecisionStatement: "+
"Decision is required attribute.");
}
throw new SAMLRequesterException(
}
//Handle the children elements of AuthorizationDecisionStatement
if (nodeCount > 0) {
for (i = 0; i < nodeCount; i++) {
"AuthorizationDecision" +
"Statement: The tag name or tag namespace" +
" of child element is either null or empty.");
}
throw new SAMLRequesterException(
}
"AuthorizationDecisionStatement: "+
" should only contain one subject");
}
throw new SAMLRequesterException(
} else
this._subject =
}
currentNode)))) {
+ "Statment: failed to add to the"
+ " AuthorityBinding list.");
}
throw new SAMLRequesterException(
"addListError"));
}
} else {
"AuthorizationDecisionStatement: "+
"wrong element:" + tagName);
}
throw new SAMLRequesterException(
}
} // end of if (currentNode.getNodeType() == Node.ELEMENT_NODE)
} // end of for loop
} // end of if (nodeCount > 0)
// check if the subject is null
+ " should contain exactly one subject.");
}
throw new SAMLRequesterException(
}
//check if the Action is null
+ " should at least contain one Action.");
}
throw new SAMLRequesterException(
}
}
/**
* Constructs an instance of <code>AuthorizationDecisionStatement</code>.
*
* @param subject (required) A Subject object
* @param resource (required) A String identifying the resource to which
* access authorization is sought.
* @param decision (required) The decision rendered by the issuer with
* respect to the specified resource. The value is of the
* <code>DecisionType</code> simple type.
* @param action (required) A List of Action objects specifying the set of
* actions authorized to be performed on the specified resource.
* @param evidence (optional) An Evidence object representing a set of
* assertions that the issuer replied on in making decisions.
* @exception SAMLException if there is an error in the sender.
*/
throws SAMLException {
// check if the subject is null
"AuthorizationDecisionStatement:" +
"missing the subject.");
}
throw new SAMLRequesterException(
} else {
}
// Resource is required
"AuthorizationDecisionStatement: "+
"resource is required attribute");
}
throw new SAMLRequesterException(
} else {
}
// check if the decision is null
"AuthorizationDecisionStatement:" +
"The type of decision is illegal.");
}
throw new SAMLRequesterException(
} else {
}
// Actions is required
"AuthorizationDecisionStatement: "+
"Action is required.");
}
throw new SAMLRequesterException(
} else {
}
}
}
/**
* Constructs a <code>AuthorizationDecisionStatement</code> instance.
*
*@param subject (required) A Subject object
*@param resource (required) A String identifying the resource to which
* access authorization is sought.
*@param decision (required) The decision rendered by the issuer with
* respect to the specified resource. The value is of the
* <code>DecisionType</code> simple type.
*@param action (required) A List of Action objects specifying the set of
* actions authorized to be performed on the
* specified resource.
*@exception SAMLException if there is an error in the sender.
*/
// check if the subject is null
"AuthorizationDecisionStatement:" +
"missing the subject.");
}
throw new SAMLRequesterException(
} else {
}
// Resource is required
"AuthorizationDecisionStatement: "+
"resource is required attribute");
}
throw new SAMLRequesterException(
} else {
}
// check if the decision is null
"AuthorizationDecisionStatement:" +
"The type of decision is illegal.");
}
throw new SAMLRequesterException(
} else {
}
// Action is required
"AuthorizationDecisionStatement: "+
"Action is required.");
}
throw new SAMLRequesterException(
} else {
}
}
}
/**
* Creates appropriate Evidence Instance
* @param evidenceElement the Evidence Element
* @return the Evidence Object
*/
throws SAMLException;
/**
* Creates appropriate Subject Instance
* @param subjectElement the Subject Element
* @return the Subject Object
*/
throws SAMLException;
/**
* Creates appropriate Action Instance
* @param actionElement the Action Element
* @return the Action Object
*/
throws SAMLException;
/**
* Returns the action(s) from <code>AuthorizationStatement</code>.
*
* @return A List of Action object(s) specifying the set of actions
* authorized to be performed on the specified resource.
*/
return _action;
}
/**
* Returns the resource from <code>AuthorizationStatement</code>
*
* @return A String identifying the resource to which access authorization
* is sought.
*/
return _resource;
}
/**
* Returns the decision for <code>AuthorizationStatement</code>.
*
* @return The decision string such as
* <code>permit</code>
* <code>deny</code>
* <code>indetereminate</code>
*/
public int getDecision() {
return _decision;
}
/**
* Returns the real type of statement. This method returns
* <code>Statement.AUTHORIZATION_DECISION_STATEMENT</code>.
*
* @return <code>Statement.AUTHORIZATION_DECISION_STATEMENT</code>.
*/
public int getStatementType() {
}
/**
* Returns a String representation of the
* <code>AuthorizationStatement</code>.
*
* @return A String representation of the
* <code><AuthorizationDecisionStatement</code> element.
*/
return toString(true, false);
}
/**
* Returns a String representation of the
* <code>AuthorizationStatement</code>.
*
* @param includeNS Determines whether or not the namespace qualifier is
* prepended to the Element when converted
* @param declareNS Determines whether or not the namespace is declared
* within the Element.
* @return A String representation of the
* <code><AuthorizationDecisionStatement></code> element.
*/
if (includeNS) {
}
if (declareNS) {
}
append("AuthorizationDecisionStatement").
append("\">\n");
}
}
append("AuthorizationDecisionStatement>\n");
}
/**
*Converts the number to the mapping string
*@param number - an int
*@return a mapping string
*/
switch(number) {
}
return result;
}
}