#
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
#
# Copyright (c) 2007 Sun Microsystems Inc. All Rights Reserved
#
# The contents of this file are subject to the terms
# of the Common Development and Distribution License
# (the License). You may not use this file except in
# compliance with the License.
#
# You can obtain a copy of the License at
# See the License for the specific language governing
# permission and limitations under the License.
#
# When distributing Covered Code, include this CDDL
# Header Notice in each file and include the License file
# If applicable, add the following below the CDDL Header,
# with the fields enclosed by brackets [] replaced by
# your own identifying information:
# "Portions Copyrighted [year] [name of copyright owner]"
#
# $Id: amPolicy.properties,v 1.14 2010/01/21 22:18:01 dillidorai Exp $
#
# Portions Copyrighted 2011-2016 ForgeRock, AS.
# Portions Copyrighted 2012 Open Source Solution Technology Corporation
iplanet-policy-service-name=Policy
iplanet-servicestatus-condition-name=Service Status Condition
insufficient_access_rights= User does not have sufficient access.
unable_to_get_service_config_manager= Unable to get SMS's service configuration manager.
unable_to_get_policies_for_organization= Unable to get policies for organization: {0}
org_not_found= Organization {0} not present.
policy_not_found_in_organization=Policy {0} not found in organization {1}.
unable_to_get_policy=Unable to get policy {0} for organization {1}.
invalid_xml_policy_root_node= Invalid XML policy root node.
invalid_xml_subjects_root_node= Invalid XML subjects root node.
invalid_char_in_name=Invalid character in name {0}.
policy_already_exists_in_org=Policy {0} already exists in organization {1}.
unable_to_add_policy=Unable to create policy {0} in organization {1}.
unable_to_replace_policy=Unable to replace policy {0} in organization {1}.
unable_to_remove_policy=Unable to remove policy {0} in organization {1}.
unable_to_get_policy_node=Unable to create {0} node in SMS.
unable_to_create_policy_for_org=Unable to create policy service for organization: {0}.
policy_create_success=Created policy {0} successfully in organization {1}.
policy_modify_success=Modified policy {0} successfully in organization {1}.
policy_remove_success=Removed policy {0} successfully in organization {1}.
null_name= Name is null.
illegal_character_/_in_name=Illegal character / in name.
rule_not_found=Rule was not found for the given name.
rule_name_already_present=Another rule with the given name already exists.
rule_already_present=Another rule with same values already exists.
cannot_have_more_than_one_rule=Cannot have more than one rule in a policy.
service_name_donot_match=Service names do not match between policy and rule.
invalid_class_name=Not an expected class object in the Map.
invalid_xml_rule_node= Invalid XML rule node.
invalid_xml_conditions_root_node=Invalid XML conditions node.
invalid_xml_rule_service_name=Invalid service name: {0} in rule's XML.
invalid_xml_rule_resource_name=Invalid resource name: {0} in rule's XML.
invalid_xml_rule_action_name=Invalid action name: {0} in rule's XML.
service_name_not_found=Service name with policy privileges not found: {0}.
action_name_not_found=Action name not found: {0}.
invalid_action_name=Invalid action name: {1} for service: {0}.
invalid_action_value=Invalid action value.
unbale_to_initialize_service_validator=Unable to initialize services validator.
unable_to_validate_action_names= Invalid action names and/or values.
invalid_resources_blob_no_root= Invalid resources xml content. No root node.
invalid_resources_blob_no_type= Invalid resources xml content. No type attribute.
unable_to_get_resources_for_service= Unable to get resources for service {0} in organization {1}.
name_already_present= Name already exists {0}.
name_not_present= Name not present {0}.
resource_name_not_permitted_by_prefix_names=resource {0} for service {1} can not be managed by the current organization.
no_referral_can_not_create_policy=Cannot create policy. No referral exists to the organization {0}.
no_resource_name_resource_type_can_not_have_refpolicy=Service {0} does not support resource name. Cannot create referral policy.
invalid_ldap_server_host=Invalid LDAP server host.
#
# I18N key for URLResourceName, PrefixResourceName
#
invalid_port_number= Invalid port number: {0}
both_type_wildcards_unsupported = Same rule cannot have both types of wildcards.
#
# I18N key for Role Subject
#
role_subject_invalid_config_params= Invalid configuration parameters.
role_subject_invalid_role_names= Accepts only one role name: {0}
role_subject_not_yet_initialized= LDAPRole object is not yet initialized.
#
# I18N key for Referral plugins - PeerOrgReferral, SubOrgReferral
#
can_not_get_values_for_referral=Cannot get values for referral : {0}
invalid_referral_pointing_to_self=Referral pointing to the organization {0} in which it is defined.
invalid_organization=Invalid organization being set in organization referral.
org_name_not_set= Organization name is not set in the referral.
# keys for com.sun.identity.policy.OrgUtils
#
can_not_get_org=Cannot get organization : {0}
can_not_get_child_orgs=Cannot get child organizations of : {0}
#
# keys for LDAP Subjects
#
ldap_search_exceed_size_limit=LDAP search size limit exceeded. Change the search pattern or policy configuration of the organization {0} for search control parameters.
ldap_search_exceed_time_limit=LDAP search time limit exceeded. Change the search pattern or policy configuration of the organization {0} for search control parameters.
ldap_invalid_password=Invalid LDAP bind password.
no_such_ldap_base_dn=LDAP Base DN may be specified incorrectly in policy configuration. No such object : {0}
no_such_ldap_users_base_dn=LDAP Users Base DN maybe specified incorrectly in policy configuration. No such object : {0}
no_such_am_roles_base_dn=OpenAM roles base DN maybe specified incorrectly in policy configuration. No such object : {0}
ldap_filter_partial_results=Partial results have been received, status code 9. The message provided by the LDAP server is: {0}
#
# keys for Organization
#
org_initialization_failed=Organization object initialization failed.
org_subject_not_yet_initialized=Organization object is not yet initialized.
org_subject_invalid_user_names=Invalid organization names are being set to the organization object.
org_subject_invalid_local_user_dn=User DN returned from the SSO token is invalid.
#
# keys for LDAPGroups
#
ldapgroups_initialization_failed=LDAPGroups object initialization failed.
ldapgroups_subject_not_yet_initialized=LDAPGroups object has not been initialized.
ldapgroups_subject_invalid_group_names=Invalid group names are being set to the LDAPGroups object.
ldapgroups_subject_invalid_local_user_dn=User DN returned from the SSO token is invalid.
#
# keys for LDAPRoles
#
ldaproles_initialization_failed=LDAPRoles object initialization failed.
ldaproles_subject_not_yet_initialized=LDAPRoles object is not yet initialized.
ldaproles_subject_invalid_group_names=Invalid role names are being set to the LDAPRoles object.
ldaproles_subject_invalid_local_user_dn=User DN returned from the SSO token is invalid.
#
# keys for LDAPUsers
#
ldapusers_initialization_failed=LDAPUsers object initialization failed
ldapusers_subject_not_yet_initialized=LDAPUsers object is not yet initialized
ldapusers_subject_invalid_user_names=Invalid user names are being set to the LDAPUsers object
ldapusers_subject_invalid_local_user_dn=User DN returned from the SSO token is invalid.
#
# keys for AMIdentitySubject
#
am_id_subject_not_yet_initialized=AMidentitySubject not initialized
am_id_subject_does_not_support_getvalidvalues=AMIdentitySubject does not support getValidValues()
am_id_subject_invalid_subject_values=Invalid subject values
am_id_subject_membership_evaluation_error=AMIdentitySubject - can not check membership for user {0} and subject {1}
#
# keys for conditions
#
invalid_condition=Invalid condition: {0}
properties_not_initialized=Properties have not been initialized.
property_is_not_an_Integer={0} property value should be an Integer.
property_is_not_a_Long={0} property value should be a Long.
property_is_not_a_String={0} property value should be a String.
property_is_not_a_Set={0} property value should be a Set of string values.
properties_can_not_be_null_or_empty=Properties can not be null or empty.
required_properties_can_not_be_null_or_empty=Properties can not be null or empty: {0}
property_value_not_defined={0} property value should be defined.
attempt_to_set_invalid_property=Attempt to set invalid property {0}
property_does_not_allow_empty_or_multiple_values={0} property does not allow empty or multiple values.
property_does_not_allow_empty_values={0} property does not allow empty values.
property_does_not_allow_multiple_values={0} property does not allow multiple values.
at_least_one_of_the_properties_should_be_defined=At least one of the properties Start Date, Start Time, Start Day should be defined with non null value.
start_ip_can_not_be_greater_than_end_ip=Start IP can not be larger than end IP.
pair_property_not_defined=Should define value for {1}, since value is defined for {0}
invalid_property_value=Invalid value {1} for property {0}
multiple_value_not_allowed_for_property=property {0} does not allow multiple values.
start_date_can_not_be_larger_than_end_date=Start date can not be larger than end date.
invalid_sso_token=SSO token is invalid.
unable_to_parse_ssotoken_authinstant=Unable to parse SSO token authInstant to Date.
MaxSessionTime=Maximum Session Time (minutes)
TerminateSession=Terminate Session
session_condition_true_value=true
session_condition_false_value=false
auth_scheme_not_found=Authentication module instance can not be retrieved.
adviceName_adviceValue_not_valid=AdviceName OR AdviceValue is not defined or invalid.
client_ip_null=Requested client IP address is null.
resource_env_not_known=This resource or environment is not supported currently.
null_properties=Properties are NULL or empty.
null_env_cond_value=Resource / Environment condition value is NULL or empty.
resourceEnvIPConditionValue=Environment condition value (e.g. IF IP=[127.0.0.1] THEN module=LDAP)
invalid_oauth2_scope=Invalid OAuth2 Scope ''{0}'': See RFC 6749 section 3.3 for allowed values.
#
# keys for response providers
#
iplanet-idrepo-responseprovider-name=Identity Repository Response Provider
invalid_response_provider=Invalid response provider: {0}
missing_required_property=One or all of the properties {0},{1} not defined.
invalid_dynamic_property_being_set=Invalid Dynamic property being set: {0}
invalid_format_static_property=Invalid Format of Static property, needs to be Attr=Val[|Val1|Val2] format :{0}
idrepo_initialization_failed=IDRepoResponseProvider object initialization failed.
idrepo_response_provider_not_yet_initialized=IDRepoResponseProvider is not yet initialized.
invalid_xml_resp_providers_root_node=Invalid xml ResponseProviders Node.
invalid_xml_resp_provider_root_node=Invalid xml ResponseProvider Node.
token_principal_null=Principal in the token is null.
iplanet-policy-resource-interface-name=Resource
iplanet-policy-referral-interface-name=Referral
iplanet-policy-subject-interface-name=Subject
iplanet-policy-condition-interface-name=Condition
iplanet-peerorg-referral=Peer Realm
iplanet-suborg-referral=Sub Realm
iplanet-subject-Org-name=Organization
iplanet-subject-IdentityServerRoles-name=OpenAM Roles
iplanet-subject-LDAPRoles-name=LDAP Roles
iplanet-subject-LDAPGroups-name=LDAP Groups
iplanet-subject-LDAPUsers-name=LDAP Users
iplanet-authrole-condition-name=Authentication to a Role
iplanet-authlevel-condition-name=Authentication Level (greater than or equal to)
iplanet-leauthlevel-condition-name=Authentication Level (less than or equal to)
iplanet-authscheme-condition-name=Authentication by Module Instance
sun-authenticatetorealm-condition-name=Authentication to a Realm
sun-authenticatetoservice-condition-name=Authentication by Module Chain
iplanet-ip-condition-name=IP Address/DNS Name
iplanet-time-condition-name=Time (day, date, time, and timezone)
iplanet-session-condition-name=Active Session Time
sun-sessionproperty-condition-name=Current Session Properties
sun-ldapfilter-condition-name=LDAP Filter Condition
sun-privilege-condition-name=Entitlement Privilege Condition
sun-amidentitymembership-condition-name=Identity Membership
sun-resourceenvip-condition-name=Resource/Environment/IP Address
iplanet-userselfcheck-condition-name=Self
iplanet-sharedagents-condition-name=Shared Agents
org-forgerock-oauth2scope-condition-name=OAuth2 Scope
SunIdentityServer-subject-AuthenticatedUsers-name=Authenticated Users
SunIdentityServer-subject-AMIdentitySubject-name=OpenAM Identity Subject
SunIdentityServer-subject-PrivilegeSubject-name=Entitlement Privilege Subject
#keys used by policy cache
can_not_create_policy_cache=Cannot create policy cache.
can_not_refresh_policy_for_cachekey=Cannot refresh policy for cachekey {0}
#
# keys used by policy remote interface
#
invalid_auth_level_in_request=Invalid authentication level specified in the policy request.
auth_level_not_integer=AuthLevel value {0} not an integer
request_authlevel_in_env_not_Integer_or_set=requestAuthLevel in request env not an Integer or Set
request_authlevel_in_env_set_element_not_string=element in requestAuthLevel Set in env not String
invalid_ip_in_request=Invalid IP address specified in the policy request.
invalid_dns_name_in_request=Invalid DNS name specified in the policy request.
invalid_request_time_in_request=Invalid time specified in the policy request.
invalid_request_time_zone_in_request=Invalid time zone specified in the policy request.
invalid_policy_request_type=Invalid policy request type.
user_sso_token_invalid=User's SSO token is invalid.
invalid_env_parameters=Invalid environment parameters.
evaluation_error=Evaluation error.
invalid_policy_request_format=Invalid policy request format.
unable_to_get_an_evaluator=Failed to get a policy evaluator.
xml_parsing_error=XML parsing error
invalid_root_element=Invalid root element specified in the request.
invalid_policy_service_method=Invalid policy service method specified.
invalid_policy_request_method=Invalid policy request method specified.
invalid_policy_response_method=Invalid policy response method specified.
missing_attribute=Missing attribute {0}
missing_element=Missing element {0}
missing_elements=Missing either {0} or {1} element
invalid_value_for_attribute=Invalid value {0} set for attribute {1}
#
# keys used by policy jaas api
#
invalid_permission=Invalid Permission: {0}
readonly_permission_collection=Attempt to write into a read only permission collection.
policy_evaluation=Policy Evaluation result : Policy {0} in organization {1} for service {2}, resource {3} and action names {4} is {5}.
#
# client policy api
#
attempt.policy.evaluation=Attempt to evaluate policy, user={0} service={1} resource={2}
done.policy.evaluation=Policy is evaluated, user={0} service={1} resource={2}
attempt.add.policy.listener=Attempt to add policy listener, {0}
done.add.policy.listener=Policy listener is added, {0}
failed.add.policy.listener=Cannot add policy listener, {0}
attempt.remove.policy.listener=Attempt to remove policy listener, {0}
done.remove.policy.listener=Policy listener is removed, {0}
failed.remove.policy.listener=Cannot remove policy listener, {0}
no.log.filename=Could not retrieve log file name.
no.use.wild.card=Could not retrieve use wildcard indicator.
no.naming.urls=Could not retrieve naming service URL.
no.app.user.name=Could not retrieve application user name.
no.app.password=Could not retrieve application password.
no.sso.token=User's Single-Sign-On Token is missing.
no.policy.service.url=Could not get policy service URL.
no.resource.comparator.class=Could not retrieve resource name comparator class.
no.resource.delimiter=Could not retrieve resource delimiter.
no.resource.case.sensitive=Could not retrieve resource case sensitive flag.
invalid.cache.size=Could not retrieve cache size.
invalid.polling.interval=Could not retrieve polling interval.
invalid_cache_ttl=Cache Time To Live is invalid.
invalid.notificationurl=Notification URL specified is invalid.
no.policy.logging.level=Remote logging level specified is invalid.
invalid_boolean_action_values=Invalid boolean action values definition: {0}
invalid_resource_comparator=Invalid resource comparator definition: {0}
action_does_not_have_boolean_syntax=Schema for action {0} does not have boolean syntax.
policy_eval_allow=Policy evaluation result for resource={0} with action name={1} is ALLOW.
policy_eval_deny=Policy evaluation result for resource={0} with action name={1} is DENY.
policy_eval_result=Policy evaluation result for resource={0} with action name(s)={1} is {2}
policy_eval_decision=Policy evaluation decision for resource={0} with actionNames={1} is {2}
can_not_create_app_sso_token=Cannot create application SSO token.
received_expired_decision=Received expired policy decision from server for resourceName={0}
server_reported_invalid_app_sso_token=Server reported Application SSO Token is invalid, serverMessage={0}
rest_call_to_server_caused_302=REST call to server caused 302 redirect, serverMessage={0}
server_reported_exception=Server reported Exception, serverMessage={0}
pll_send_request_exception=Error communicating with server, message={0}
policy_service_url_not_found=Cannot find URL to policy service.
openam_url_not_found=Cannot find URL of OpenAM.
proxied_policy_evaluation=Policy decision computed by admin {0} for principal {1} for resource {2} is {3}
proxied_policy_evaluation_ignoring_subjects=Policy decision computed by admin {0} ignoring subjects for resource {1} is {2}
can_not_get_proxy_sso_token=Cannot create proxy SSO token.
no_permission_to_create_proxy_sso_token=No permission to create proxy SSO token.
protected_resources=Policies protecting Resource {1} for for principal {0} are {2}
invalid_time_to_live= Invalid Time to Live: {0}
missing_attribute_in_resourceresult= Missing attribute in Resource Result: {0}
invalid_sub_resourceresult=Invalid sub resource result :{1}, for resource :{0}
invalid_admin=Invalid administrator user ID or password from DSConfigMgr.
invalid_subject=Invalid subject name.
invalid_referral=Invalid referral name.
error_reading_resource_index_from_data_store=Error reading Resource Index from datastore.
invalid_realm_name=Invalid realm name
policy_realms_do_not_match=Can not add subject from realm {0} to policy that already has subject from realm {1}
policy_realm_does_not_match=Can not add policy in realm {0} having subject from realm {1}
unable_to_save_realm_subjects=Can not save subjects in realm {0}
invalid_xml_realmsubjects_rootnode=Invalid realm subjects root node
could_not_initialize_realm_subjects=Could not initialize realm subjects
realm_suject_not_found=Realm subject {0} not found
can_not_set_values_in_shared_subject=Can not set values in shared subject
could_not_get_advices_handleable_by_am=Could not get advice names handleable by OpenAM
unable_to_get_policy_serivce_revision=Can not get policy service revision number
unable_to_get_org_config_manager_for_org=Can not get OrganizationConfigManager for Realm {0}
unable_to_get_org_alias_for_org=Can not get OrgAlias for Realm {0}
malformed_url_unable_to_get_org_alias=Malformed URL {0}, Can not find OrgAlias
unable_to_get_alias_mapped_org=Can not get Realm for OrgAlias {0}
ldapfiltercondition_setpolicyconfig_null_policy_config=policy configuration passed to LDAP Filter Condition Plug-in is null
ldapfiltercondition_resetpolicyconfig_null_realm_dn=realm dn passed to LDAP Filter Condition Plug-in is null
can_not_get_subject_values=Cannot get values for Subject: {0}
iplanet-sample-referral=Sample Referral
iplanet-sample-responseprovider=Sample Response Provider
iplanet-subject-SampleSubject-name=Sample Subject
iplanet-samplecondition-condition-name=Sample Condition
privilegeConditionState=State
rest_policy_request_exception=Hit Exception on decision REST call to server, message:{0}
service_name_can_not_be_null=service name can not be null for decision call
subject_can_not_be_null=subject can not be null for decision call
resource_can_not_be_null=resource can not be null for decision call
rest_call_failed_with_io_exception=REST decision call failed with IO exception
error_rest_reponse=REST response not in expected format
admin_can_not_be_null=admin token identity can not be null
SunIdentityServer-subject-WebServicesClients-name=Web Services Clients
webservicesclients_subject_invalid_user_names=Invalid Web Services Clients for this subject.