PolicyCache.java revision 5819e70cd33d98751fbe907e0a358c3269159185
/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: PolicyCache.java,v 1.9 2010/01/10 01:19:35 veiming Exp $
*
* Portions Copyrighted 2011-2015 ForgeRock AS.
*/
/**
* The class <code>PolicyCache</code> manages policy cache
* for the policy framework.
*/
public class PolicyCache implements ServiceListener {
/**
* orgName+policyName:Policy
*/
/**
* orgName:PolicyManager
*/
/**
* serviceTypeName:<code>Set</code> of <code>PolicyListener</code>(s)
* Used to notify on policy changes
* At present known implementations of interface of PolicyListener are
* PolicyDecisionCacheListener and PolicyListenerRequest (from remote
* package)
* @see com.sun.identity.policy.PolicyDecisionCacheListener
* @see com.sun.identity.policy.remote.PolicyListenerRequest
*/
private ServiceConfigManager scm;
/** Gets the singleton instance of PolicyCache
* @return the singleton instance of policy cache
* @throws PolicyException if error.
*/
if (policyCache == null) {
if ( DEBUG.messageEnabled() ) {
}
policyCache = new PolicyCache();
try {
} catch (SMSException smse) {
"can_not_create_policy_cache"), smse);
} catch (SSOException ssoe) {
"can_not_create_policy_cache"), ssoe);
}
//Register policyStatsListener
if (policyStats.isEnabled()) {
= new PolicyStatsListener(policyStats);
if ( DEBUG.messageEnabled() ) {
+ " Registered PolicyStatsListener with "
+ " Stats service");
}
}
}
return policyCache;
}
/**
* Gets the singleton instance of PolicyCache.
* It takes into consideration of the SSOToken passed
* to this method as a parameter
*/
if (policyCache == null) {
if ( DEBUG.messageEnabled() ) {
}
policyCache = new PolicyCache();
try {
} catch (SMSException smse) {
"can_not_create_policy_cache"), smse);
} catch (SSOException ssoe) {
"can_not_create_policy_cache"), ssoe);
}
//Register policyStatsListener
if (policyStats.isEnabled()) {
= new PolicyStatsListener(policyStats);
if ( DEBUG.messageEnabled() ) {
+ " Registered PolicyStatsListener with "
+ " Stats service");
}
}
}
return policyCache;
}
/** No argument constructor
*/
private PolicyCache() {
}
/** Gets a policy given organization name and policy name
* @param orgName name of the organization under which the
* policy is defined
* @param policyName policy name
* @return policy with the given name under the given organization
*/
if ( DEBUG.messageEnabled() ) {
}
}
/** Gets a policy from the cache for the given the cacheKey.
* If the policy is not in the cache, it would be read from
* the data store.
* @param cacheKey cache key
* @return policy cached with the given cache key
*/
if ( DEBUG.messageEnabled() ) {
}
+ "for key:"
+ cacheKey);
}
} else {
if ( DEBUG.messageEnabled() ) {
+ cacheKey);
}
}
return policy;
}
/** Refreshes a policy into the cache for the given cacheKey.
* The policy is read from the data store and put in the cache.
* @param cacheKey cache key
* @return the refreshed policy
*/
if ( DEBUG.messageEnabled() ) {
}
try {
} catch (PolicyException pe) {
} catch (SSOException ssoe) {
}
} else {
}
return policy;
}
/** Adds a policy listener. The policy listener would be notified
* @param policyListener <code>PolicyListener</code> to add
*/
if ( oldListeners != null ) {
}
}
/** Removes a policy listener
* @param policyListener policy listener to remove
*/
if ( oldListeners != null ) {
}
}
/**
* This method will be invoked when a service's schema has been changed.
*
* @param serviceName name of the service
* @param version version of the service
*/
//NO-OP
}
/**
* This method will be invoked when a service's global configuation
* data has been changed. The parameter groupName denote the name
* of the configuration grouping (e.g. default) and serviceComponent
* denotes the service's sub-component that changed
* (e.g. /NamedPolicy, /Templates).
*
* @param serviceName name of the service
* @param version version of the service
* @param serviceComponent name of the service components that
* changed
*/
//NO-OP
}
/**
* This method will be invoked when a service's organization
* configuation data has been changed. The parameters orgName,
* groupName and serviceComponent denotes the organization name,
* configuration grouping name and
* service's sub-component that are changed respectively.
*
* @param serviceName name of the service
* @param version version of the service
* @param groupName
* @param orgName organization name as DN
* @param serviceComponent the name of the service components that
* changed
*/
int changeType) {
if ( DEBUG.messageEnabled() ) {
}
if ( DEBUG.messageEnabled() ) {
+ "Refreshing policy for cacheKey="
+ cacheKey);
}
if ( DEBUG.messageEnabled() ) {
+ " cacheKey="
+ cacheKey);
}
if ( DEBUG.messageEnabled() ) {
+ "Refreshing policy for cacheKey="
+ cacheKey);
}
} else { //unsupported notification type
+ changeType);
}
}
try {
if ( DEBUG.messageEnabled() ) {
+ "clearing index for resource type "
+ resourceTypeName);
}
// catch and log PolicyException, SSOException
} catch (PolicyException pe) {
} catch (SSOException ssoe) {
ssoe );
}
}
if ( DEBUG.messageEnabled() ) {
+ "- resetting realm subjects for orgName:"
+ orgName);
}
}
}
public void sendPolicyChangeNotification(
int changeType
) {
) {
try {
}
}
} catch (SSOException ssoe) {
ssoe);
} catch (NameNotFoundException nnfe) {
}
if (!affectedResourceNames.isEmpty()) {
}
}
}
/**
* Creates a String representation of cache key used to index
* policy cache using serviceName, version, orgName, groupName
* and serviceComponent.
* The format is like:
* where "/" is defined in key CACHE_KEY_DELIMITER
* @see #CACHE_KEY_DELIMITER
*/
}
/**
* Creates a String representation of cache key used to index
* policy cache orgName and policyName
* The format is like:
* <p>where "/" is defined in key CACHE_KEY_DELIMITER</p>
* <p>serviceComponent defaults to "/Policies/<code>policyName</code>"</p>
* <p>serviceName defaults to "iPlanetAMPolicyService"</p>
* <p>version defaults to "1.0"</p>
* <p>groupName defaults to "default"</p>
* @see #CACHE_KEY_DELIMITER
*/
}
/**
* Returns an Array of Strings representing the cache key
*/
//ou=policy1,ou=policies
return tokens;
}
/**
* Creates a policyEvent with the changed resource names
* and then invokes all the registered PolicyListeners
* to notify about the event.
*/
if( DEBUG.messageEnabled() ) {
"at firePolicyChanged(serrviceName,affectedResourceNames):");
}
if ( pListeners != null ) {
try {
} catch (Exception e) {
}
}
}
//notify policy evaluator so it can clean up cached resource names
}
/**
* Creates a policyEvent with the changed resource names
* and then invokes all the registered PolicyListeners
* to notify about the event. This is triggered when
* entitlement privilege is added, removed or modified.
*/
if( DEBUG.messageEnabled() ) {
"at firePrivilegeChanged(serrviceName,affectedResourceNames):");
}
if ( pListeners != null ) {
try {
} catch (Exception e) {
}
}
}
//notify policy evaluator so it can clean up cached resource names
}
/** Gets a policy manager for the given organization name
* PolicyCache maintains a cache of policy managers to improve
* performance during policy evaluation. This methods returns
* the policy mananger for the given organization name from the
* cache
* @param orgName name of the organization for which to get the
* policy manager
* @return policy manager for the organization
* @throws PolicyException
* @throws SSOException
*/
{
if( DEBUG.messageEnabled() ) {
"at PolicyCache.getPolicyManager():");
}
}
return pm;
}
/**
* For the organization with name <code>orgName</code>
* finds all the cached policies and calls methods
* on them to refresh policy config data.
*/
if( DEBUG.messageEnabled() ) {
"at PolicyCache.policyConfigChanged():");
}
try {
String[] clonedCacheKeys = {};
synchronized(policies) {
int i = 0;
i++;
}
}
for( int i = 0; i < length; i++) {
}
}
}
}
} catch (NameNotFoundException nnfe) {
if (DEBUG.warningEnabled()) {
}
} catch (PolicyException pe) {
} catch (SSOException se) {
}
}
try {
synchronized(stm) {
}
} catch (PolicyException pe) {
} catch (SSOException se) {
}
}
/**
* Prints the stats for policies policyManagers, policyListenerMap
*/
/* record stats for policies, policyManagers,
* policyListenersMap
*/
+ " policyListeners cache: "
}
/**
* Clears the cached membership evaluation results corresponding
* to the <code>tokenIdString</code>. This is triggered through
* <code>PolicySSOTokenListener</code> when session property
* of a logged in user is changed. This call delegates to each
* cached Policy. Each Policy in turn clears the cached
* membership evaluation results
*
* @param tokenIdString sessionId of the user whose session property changed
*/
if (DEBUG.messageEnabled()) {
+ " clearing cached subject evaluation result for "
+ " tokenId XXXXX in each cached Policy");
}
}
}
}
}